Practice AreaData Breach

Print this page

Sheehan Phinney provides comprehensive advice to its clients to minimize the risk of a data breach including how to manage electronic data and implement recognized best practices. When a breach occurs, we efficiently and effectively handle all aspects of sending notifications to affected individuals across the country, regulators, and credit bureaus. Leveraging our Lex Mundi membership, we can also coordinate legal services around the globe, if affected individuals are located outside the United States. If claims arise from a breach, our litigation group adeptly and tactfully defends clients to protect them from liability. Sheehan Phinney is frequently appointed by clients’ cyber insurance carriers to provide these and other services.

Representative matters:

  • Represented online retailer victim of malware attack stealing customer credit card information necessitating notice to customers in 47 states and 10 countries.
  • Represented non-profit victim of phishing attack compromising employees’ W-2 information requiring notice to 250 current and former employees in 3 states.
  • Represented client whose employees discovered unauthorized persons filed tax returns on their behalf necessitating notice to 200 employees in 11 states.
  • Drafted notices for clients to provide to state attorneys general, regulators and other law enforcement personnel.
photo of chair for print purposes

Practice Group Chair


James P. Harris

A member of Sheehan Phinney since 2002, J.P. brings his litigation experience to the firm’s data privacy and security group, a group he co-chairs. In his litigation practice, he represents