Since well before companies entered the age of “Big Data,” Benesch attorneys have been advising clients on privacy and data security issues including the protection of sensitive information and data both in the United States and around the world.

Today’s landscape for data security and privacy is characterized by increasing complexity. We have more computers, mobile applications, 24/7 connectivity and evolving security threats than ever before, while being subject to more stringent legal requirements and security standards. Additionally, certain industries, such as health care, financial services, and eCommerce have evolved such that data security and privacy have taken on extra significance. These changes, coupled with the recent surge in high-profile data security breaches, and increased enforcement by governmental bodies around the world, mean that privacy and data security compliance can no longer be placed on the back burner – it has become the among the highest priority issues for businesses of all sizes.

Throughout this technology revolution, Benesch’s team of attorneys has stayed ahead of the trends and consistently helped clients of all sizes and industries navigate their privacy and data security compliance needs. The team at Benesch is experienced to be able to support clients in a global, always-connected business landscape.

Benesch maintains distinct capabilities in support of privacy and data security through the joint efforts of its Innovations, Information Technology and Intellectual Property Practice Group (3iP); Health Care Practice Group; and Labor & Employment Practice Group. Working together, this interdisciplinary team provides insightful counsel and specialized depth of experience to clients across industries and situations.

You can trust the experienced team at Benesch to advise your company on domestic and international issues, to guide you through the compliance landscape, and to help you at critical times when a privacy or data security breach has occurred. We provide sensible guidance for business scenarios at all levels of complexity.

Innovations, Information Technology and Intellectual Property (3iP) Practice

Benesch works with companies of all sizes and in a variety of industries to enable technology investments to reach their full potential. The 3iP team is fully versed in the latest software, hardware and other technology solutions that are available to companies, and understands the nuances of the increasingly stringent regulations that govern how companies manage their information flow and storage.

We regularly work on privacy and data security-related matters as special outside counsel or through cost-effective onsite, short-term assignments to help clients with their compliance efforts.

Companies must also be prepared for data breaches and security threats, and Benesch provides the experience needed to respond quickly and effectively to data breach situations in an effort to mitigate exposure and risk.

The firm has a deep bench of talented team members, including those with significant in-house experience, to offer a comprehensive skill-set and experienced perspective in support of companies as they manage privacy and data security and privacy compliance and related issues. The firm frequently works on a proactive basis to identify areas of risk, and partners with technology vendors and consultants to implement solutions that are required under the expanding body of law in this area.

As businesses more frequently turn to technology when interacting with customers, connecting employees and storing sensitive information, Benesch acts as a valuable partner that enables businesses to maximize their level of safety, security and privacy, while minimizing risk to their stakeholders.


  • The Benesch 3iP Group is comprised of over 20 attorneys and patent agents, including one lawyer who came to Benesch after serving as an engineer and then in-house counsel attorney and Global Privacy Program Manager for a global Fortune 500 company.
  • Several lawyers in the group are members of the International Association of Privacy Professionals (IAPP) and have achieved the CIPP designation.
  • Several attorneys listed in information technology law among the Best Lawyers® “Best Lawyers in America” rankings by U.S. News & World Report, which assesses more than 10,000 US law firms in 80 national legal practice areas and 118 metro or state practice areas.

Service Examples

  • Comprehensive U.S. and global data security and privacy compliance including:
    • Gramm-Leach-Bliley,
    • Childrens' Online Privacy Protection Act,
    • FTC Privacy Guidelines,
    • FTC "Red Flag" (identity theft mitigation) rule,
    • EU, ADEA and Swiss Data Protection Directives, including the EU General Data Protection Regulation and the EU/US Privacy Shield
  • Document retention and destruction policies and related compliance
  • Software, hardware and vendor services agreements including privacy and security aspects
  • Usage and privacy policies for websites and web-based apps
  • Document retention and destruction compliance
  • Prevention and management of data security breaches
  • The legal aspects of compliance with industry privacy and security standards including:
    • the PCI-DSS, NIST, ISO technical standards, and
    • the SSAE 16 audit standard

Healthcare Practice

Updates to HIPAA have rippled throughout the health care industry to now directly regulate vendors and other service providers to the health care industry (“business associates”), along with hospitals, health plans, doctor’s offices and others within the industry, who must take special care in managing information about patients and their care. One of the most noticeable trends in the industry is the movement to electronic medical records and use of electronic tools to manage care.

Benesch understands the tools used in and the regulations shaping the health care landscape. Our team members offer diverse perspectives and specialized knowledge and experience that provide an insider’s viewpoint and a unique understanding to each engagement. The team has worked directly with hospitals, device manufacturers, software makers, health insurers, long-term care facilities and others.


  • Benesch’s Health Care Practice Group draws on more than 200 years of combined experience in the health care industry to service clients.
  • Benesch's Health Care Practice Group received first-tier rankings in Cleveland and Columbus in 2014 for our health care practice in the Best Lawyers® “Best Law Firms” rankings by U.S. News & World Report, which assesses more than 10,000 US law firms in 80 national legal practice areas and 118 metro or state practice areas.

Service Examples

  • Experience serving physician organizations, health systems, long-term care and senior living facilities, behavioral health providers, diagnostic imaging enterprises, durable medical equipment manufacturers and suppliers, pharmaceutical retailers, wholesalers, distributors and manufacturers and more
  • Business associate agreements

  • Technology vendor selection and implementation

  • Privacy policies and data security systems

  • Data management, sharing and disclosure

Labor and Employment Practice

Employers face major regulatory challenges from the likes of HIPAA, the Fair and Accurate Credit Transactions Act (FACTA), the Americans with Disabilities Act (ADA) and others. Management of the resulting data is critical, which has put a premium on the increased use of technology for data storage, sharing and security.

Benesch offers highly knowledgeable professionals who provide pragmatic counsel to allow companies to protect themselves and their employees.

In today’s workplaces, it is important to have a partner who helps ensure the proper processes, policies and tools are in place to protect the sensitive information that belongs to your business, your employees and your customers.

Benesch has experience providing training to privacy officers to maintain compliance with data security regulations and working with companies to prevent data loss, or to help mitigate a data breach. In addition, the team is able to offer pragmatic advice on how to reduce the risk of employee data theft. An expansion of HIPAA has created compliance needs for companies doing business with entities in the health care industry. Additionally, more companies are moving to self-funded health plans, which require data security and compliance on par with what is expected of traditional health insurers.


  • One of our partners served on the president-appointed National Labor Relations Board and was recently reappointed by the Speaker of the House of Representatives to his third consecutive six-year term on the U.S. Commission on Civil Rights.
  • We are actively involved with clients in many industries such as retail, automotive, health care, manufacturing, trucking, technology, food and beverage distribution, industrial product distribution, professional services and banking, to name just a few.

Service Examples

  • Non-compete agreements & trade secret rights
  • Employer policies on internet use, mobile devices and social media

  • Counsel for HIPAA, FACTA and ADA compliance

  • Corporate policies for voice mail, email, social media and internet use by employees

  • Security measures for third-party providers

  • Employee privacy issues, including searches of employee property and drug and alcohol testing;

  • Employee nondisclosure obligations for confidential and proprietary information

  • Securing, maintaining and enforcing cyber insurance policies