The increased reliance on digital resources and the sharing of secure data worldwide is accompanied by an elevated risk of data and compliance breaches.  The US and global regulatory landscape is constantly evolving to combat expanding digital threats, and companies that do not take a proactive approach to privacy and security are frequently left to pick up the pieces.

PorzioCS assists companies in developing and implementing secure data privacy and cybersecurity practices while ensuring regulatory compliance.  Our interdisciplinary team of compliance professionals leverages decades of relationships with government agencies, industry experts and policy groups to provide our clients a complete solution, from assessment through implementation and training.

Services include:

  • Information asset assessments and privacy and cybersecurity compliance "gap" assessments
  • Identifying company-specific risks and guiding senior management and the board on regulatory obligations, best practices and corporate governance
  • Developing privacy breach and cybersecurity incident response plans
  • Developing, implementing and updating data privacy and security programs
  • Creating employee information security policies
  • Employee training on information security policies
  • Assessing and managing vendor risks

Representative Areas of Focus

Privacy and cybersecurity breaches are a pervasive threat to all businesses, regardless of size, industry and location.  Regulatory frameworks continue to evolve and companies are struggling to understand the myriad laws and regulations that may govern the privacy and security of their physical and electronic data.  Based on a company's locations, where its customers reside, and the type of data it collects and where it is stored, a single company can be subject to regulations of the US, multiple different states, the EU and other nations.  As new examples of security breach consequences arise nearly daily, the business risk from loss of data is real.

PorzioCS assists companies in developing a proactive approach to privacy and cybersecurity defense.  Our compliance professionals provide guidance on broadly recognized standards including the NIST cybersecurity framework as well as industry-specific regulations.  We help to create secure and compliant organizations throughout various industries.

In the life sciences industry, we have particular experience providing privacy-related compliance guidance in the following areas:

  • Application of the Health Insurance Portability and Accountability Act (HIPAA), including providing compliance guidance to business associates of covered entities
  • Development of consents and authorizations to permit the collection and use of personal data
  • Patient programs and reimbursement support
  • European Union Data Protection Directive, General Data Protection Regulation and cross-border data transfers
  • Assisting with Privacy Shield certifications

For privately held businesses, including professional services firms and private equity portfolio companies, we have assisted clients with:

  • Data privacy and cybersecurity compliance "gap" assessments given industry-specific regulatory and jurisdictional requirements and industry best practices
  • Analyses of storage and access to physical and electronic Personally Identifiable Information
  • Creation of Data Privacy and Security Programs, Data Destruction Policies, Employee Data Privacy Policies and Incident Response Policies
  • Creation of vendor contract protocols relating to vendor data protection requirements
  • Reporting to Board of Directors

PorzioCS is a wholly-owned subsidiary of the law firm of Porzio, Bromberg & Newman, P.C. (Porzio).  For more information about Porzio, please visit

Porzio Life Sciences, LLC (PorzioLS), a sister company to PorzioCS, provides regulatory and compliance services to the life sciences industry.  More information about PorzioLS is available at

Questions? Request more information or call 973-889-4300
