Privacy & Data Security
Our data security lawyers are trusted privacy and information security advisors and advocates. We maintain strong relationships with local law enforcement officials and data breach response vendors to better serve clients by offering proactive advice and quick response in the critical time following a data breach. Whether you are a company needing help or a professional advisor seeking local assistance, we are ready to assist you with your compliance, incident response, or litigation needs.
We understand and solve complex problems for service professionals, manufacturers, and contractors, as well as state and federally regulated health care providers, health plans, financial institutions, and retailers.
Stites & Harbison will:
-
Educate and provide practical solutions to strengthen data security plans and improve policies.
-
Review and draft vendor contracts, business associate agreements, terms of use and privacy policies, or transactional agreements involving data security.
-
Advise and respond to government investigations, including HIPAA and HITECH audits and regulatory compliance requirements.
-
Provide immediate advice when a data breach occurs to comply with state and federal data breach laws, investigate, and formulate effective strategies to mitigate damages.
-
Defend litigation arising from alleged privacy and security data breaches.
Members and associates actively participate in major professional organizations, including:
-
American Bar Association
-
American Health Lawyers Association
-
Defense Research Institute
-
Mortgage Bankers Association of America
-
International Association of Privacy Professionals
Stites & Harbison's data security attorneys work on a variety of privacy and security matters. Notable assignments include:
-
Successfully obtained summary judgment for a healthcare provider in Jefferson Circuit Court in a putative class action asserting claims for negligence, negligence per se, and invasion of privacy stemming from an alleged data breach disclosing patient information. Judgment was obtained prior to any class being certified.
Obtained summary judgment for defendant in putative class action asserting multiple claims arising from alleged data breach.
-
Investigated and advised an employer-sponsored health plan on breach reporting obligations following a cyber-attack involving malicious software.
-
Advised on a professional legal malpractice claim concerning a data breach.
-
Advised an online retail business in responding to and investigating a data breach, including working with various State’s Attorney General offices.
-
Assisted client in responding to Office for Civil Rights complaint investigations and desk audits arising from alleged HIPAA violations and data breach reports.
-
Worked with domestic financial institutions to recover client funds unlawfully transferred to foreign banks.
-
Advised client and collaborated with FBI and other law enforcement concerning theft of funds arising from multiple data breaches.
-
Advised employer in connection with employees’ confidential postings on social media.
-
Analyzed and identified HIPAA-regulated product offerings for a financial institution and worked with internal legal, compliance, and business teams in developing a comprehensive HIPAA compliance plan.
-
Represented a medical practice in a data breach investigation and notification to individuals following insider theft of social security numbers from patient medical records.
-
Performed an enterprise-wide data classification analysis for an organization regulated by numerous state and federal privacy laws; drafted vendor contract with requirements to safeguard information in compliance with applicable laws.
Stites & Harbison Earns 93 Rankings in 2025 Best Law Firms®
Stites & Harbison, PLLC has been ranked in the 2025 edition of Best Law Firms®. The firm’s National Tier 1 rankings include: Litigation – Construction, Litigation – Real Estate, and Trademark Law. The firm’s overall results include 93 metropolitan rankings in six regions and represent 52 legal practice areas.
Kentucky Academy of Healthcare Attorneys Webinar: Medical Cannabis Seminar
Time: 9:00 a.m. - 12:00 p.m.
WEBINAR
Stites & Harbison attorneys Bailey Browning, Kelly White Bryant, Jennifer Cave, Jackson Hurst-Sanders, Robin McGuffin and Sarah Cronan Spurlock will be speakers at the Kentucky Academy of Healthcare Attorneys webinar, Medical Cannabis Seminar being held November 13, 2024.
Jennifer Henry Jackson Selected for Ignite Louisville Class of Spring 2025
The Leadership Louisville Center has selected Stites & Harbison, PLLC attorney Jennifer Henry Jackson to participate in the Ignite Louisville Class of Spring 2025. The six-month class teaches the key components of leadership to young professionals between the ages of 25 and 45 years old.
A Forever Chemicals Primer: When, Why, How, Who, and Where?
Part 1 of webinar series, "A Forever Chemicals Primer: When, Why, How, Who, and Where?," where attorneys Jennifer Cave and John Tate discussed identifying common commercial and industrial applications of PFSA; providing up-to-date human health and environmental testing data; and discuss state and federal regulatory status of forever chemcials.
Stites & Harbison, PLLC Achieves 2023-24 Mansfield Certification
Stites & Harbison, PLLC is pleased to announce that it has achieved 2023-24 Mansfield Certification. Mansfield is a year-long structured certification process designed for law firms to ensure all lawyers have an opportunity to advance into leadership.
FTC Noncompete Rule Struck Down Nationwide
On Tuesday, August 20, 2024, the United States District Court for the Northern District of Texas entered an order preventing the FTC’s rule on noncompetes from going into effect nationwide. For the time being, employers do not need to comply with the FTC’s rule, which was scheduled to go into effect on September 4, 2024. Employment attorneys Shannon Hamilton, Robin McGuffin, and Zac Losey take a look at that decision in this Stites & Harbison Client Alert.
Stites & Harbison, PLLC Lawyers Named to 2025 Best Lawyers® Publications
Stites & Harbison, PLLC is pleased to announce that 97 of its lawyers are included in the 2025 edition of The Best Lawyers in America®. Since it was first published in 1983, Best Lawyers® has become universally regarded as the definitive guide to legal excellence according to the publication. Additionally, 12 Stites & Harbison attorneys are named as “Lawyer of the Year” and 30 attorneys are recognized in Best Lawyers: Ones to Watch® in America, which recognizes attorneys early in their careers for outstanding professional excellence in private practice in the United States.
Richard Myers named Stites & Harbison's Nashville Office Executive Member
Stites & Harbison, PLLC has named attorney Richard S. Myers, Jr., as its Nashville and Franklin Office Executive Member. He succeeds Gregory D. Smith, who has served in this role for nine years.
2024 Kentucky Health Law Institute
The Campbell House, 1375 South Broadway, Lexington, Kentucky
Stites & Harbison attorney Kelly Bryant is on the Planning Committee for the 2024 Kentucky Health Law Institute presented by UK Rosenberg College of Law. Healthcare attorney Shea Luna will be one of the speakers. The Institute is being held in Lexington, Kentucky September 4-5,
FTC Non-Competition Final Rule Update
On July 3, 2024, a Texas federal Northern District Court granted a preliminary injunction to the Plaintiff and the four Intervening Plaintiffs in the matter of Ryan v. Federal Trade Commission. The preliminary injunction enjoins the Federal Trade Commission’s (“FTC”) Final Rule prohibiting non-competition agreements from being implemented and enforced as to the Plaintiff and Intervening Plaintiffs only. In addition, the Court enjoined the effective date of the Final Rule, again limiting the injunction to the Plaintiff and Intervening Plaintiffs only. Employment attorney Shannon Hamilton takes a look at the update in this Stites & Harbison Client
Department of Labor Overtime Rule Becomes Effective!
The Department of Labor’s (“DOL”) Final Rule increasing the salary level for exempt positions and increasing the number of employees eligible for overtime goes into effect today, July 1, 2024, for all 50 states, with the exception of the state of Texas as an employer. The Overtime Rule does apply to private employers in Texas. Employment attorney Shannon Hamilton takes a look at what that means to employers in this Stites & Harbison Client
News of the Death of Workers’ Jobs at the Virtual Hands of AI is Greatly Exaggerated
Artificial Intelligence (AI) is being touted as having the potential to save humanity or destroy it. On the saving side there is the possibility for drug discoveries, disease (e.g. cancer) diagnosis for early detection and cure, and energy discovery and efficiency. Stephen Weyer takes a look at the world AI in this Stites & Harbison Client
Stites & Harbison Ranks in Top 20 on 2024 "Best Place to Work in Kentucky" List
Stites & Harbison, PLLC ranks in the Top 20 “Best Places to Work in Kentucky” for 2024 in the medium company category. The firm has made the list 18 times — 10 of those in the Top 10.
Checking in on the Status of the Fair Labor Standards Act Exempt Salary Threshold Increase
It is a little under two weeks until the July 1, 2024, effective date for the U.S. Department of Labor’s Final Rule (the “Final Rule”) raising the minimum salary level requirement for exempt white-collar employees to $43,888 annually. Now is the time to check in on the status of any legal challenges which might effect that deadline and employment attorney Shannon Hamilton takes a look at those challenges in this Stites & Harbison Client
Providers and Laboratories Beware of EKRA: A Not-So-New Tool for Health Care Fraud and Abuse Enforcement
In an effort to combat the ongoing opioid crisis, Congress passed in 2018 the Eliminating Kickbacks in Recovery Act (“EKRA”) imposing significant monetary penalties on anyone paying or receiving payment for referrals to a recovery home, clinical treatment facility, or laboratory. However, given its broad language, EKRA may reach organizations not involved with substance abuse treatment. Health care providers and laboratories, therefore, should be aware of EKRA and its implications on their practice. Health care attorney Shea Luna takes a look at EKRA in this Stites & Harbison Client Alert.
International Association of Defense Counsel (IADC) 2024 Annual Meeting
Fairmont Hotel Vancouver, 900 West Georgia Street, Vancouver, Canada
Privacy and Data Security attorney Sarah Cronan Spurlock will be a speaker at the 2024 Annual Meeting of the IADC July 6-11.
The Cost of Third- Party Data Breaches: How to Avoid a Financial Disaster
Time: 12:00 p.m. - 1:30 p.m.
Webinar
Chad McTighe and Sarah Spurlock will be the speakers for The Knowledge Group's Webinar on June 14, 2024 discussing the costs associated with unforeseen security risks.
FTC Issues Final Rule Banning Non-Compete Agreements; Legal Challenges Have Already Begun
On April 23, 2024, the FTC issued its final rule banning employers’ use of non-compete agreements. The rule is broad, applying nationwide and to all non-compete agreements, with a few narrow exceptions. The ban has not gone into effect—it’s scheduled to go into effect 120 days after being published in the Federal Register—and legal challenges have already been filed. Robin McGuffin and Zac Losey take a look at the new rule in this Stites & Harbison Client Alert.
Kentucky Hospital Association Annual Convention
Central Bank Center, 430 West Vine Street, Lexington, Kentucky 40507
Health care attorneys Shea Luna and Sarah Spurlock will be presenters at the Kentucky Hospital Association's Annual Convention in Lexington, KY being held May 20-22, 2024.
Data Security and Privacy Symposium
Time: 8:00 a.m. - 4:30 p.m.
State Bar of Georgia Conference Center, 104 Marietta Street NW, Atlanta, GA 30303
Attorneys Shannon Sprinkle and Matt Gass will be moderating and participating on a panel focused on Litigation Trends in Privacy and Data Protection on April 17, 2024 presented by the Atlanta Bar Association.