Main Menu

Data Privacy and Information Governance

corporate and business advice

Informed decisions in response to data breaches.


Cyber attacks, data breaches, and data security and management present significant challenges for today’s directors and officers.  Data security breaches expose not only companies and their customers to significant risk of financial loss, but also expose leaders to risk of legal action for breach of fiduciary duty. Although claims thus far have been brought more by federal and state regulators, as well as customers and employees allegedly injured by data breaches, plaintiffs are increasingly seeking to hold officers and directors liable for failing to exercise their duties of care and loyalty.  Although difficult to plead a violation of management's duty of oversight, plaintiffs' lawyers are becoming more creative to try to undermine the Caremark and Stone v. Ritter protections Delaware law affords boards and officers.

Advising Corporate Officers and Directors

Morris James provides counsel for companies’ directors and officers, or special committees, to provide guidance on complying with fiduciary duties and making informed decisions to prevent and/or respond to data breaches.  Our group can help companies and their leaders understand their obligation to take reasonable steps to protect sensitive data from unauthorized disclosure.

Morris James also advises clients on document retention and litigation readiness with an eye toward reducing potential costs of eDiscovery.  This involves advising clients on storage and usage of data and educating employees regarding electronic forms of communication.

Recent cases, including GlaxoSmithKline LLC v. Discovery Works Legal Inc., also highlight the need for businesses to understand where their data is being held and how it is being maintained.  We advise clients on making sound data privacy decisions during the course of litigation.

Ultimately, as technology evolves, the legal aspects of information governance will change with it. How we access and store data, and what the best practices are for mitigating risk, are issues that demand equal parts technical and legal knowledge.

The Data Privacy and Information Governance Group includes corporate and fiduciary duty attorneys, attorneys well-versed in electronic data storage and discovery, attorneys with bankruptcy and insurance-related backgrounds, and non-attorney IT staff knowledgeable about trends in data security and technology.  Together, the group advises boards of directors and officers in assessing and managing risk and defending claims for alleged breach of fiduciary duty arising from data breaches.

Legal Representation for Data Breaches

Businesses are under significant pressure to protect personally identifiable information (PII) and may face significant risk and exposure for failing to do so.  Morris James helps businesses evaluate and understand their obligations to protect PII and their reporting obligations if the business suffers a data breach.  In addition, we can help evaluate, and develop website privacy/terms-of-use policies so that customers and clients understand what information a business might be gathering, how such information is being used, how such information might be disseminated, and how the information is being protected.

Businesses often face extraordinary costs when faced with eDiscovery; the cost of.  One of the ways in which Morris James adds value is by helping businesses proactively craft data strategies that can reduce the cost of possible litigation. Proactive information governance is one of the best ways that businesses can avoid being priced out of litigation.

If you would like more information about the group, email us at





Back to Page