Hintze Law > Seattle, United States > Firm Profile

Hintze Law > Firm Profile

Hintze Law is a US-based boutique privacy and data security law firm that provides counseling exclusively on global data protection. The firm’s attorneys and privacy consultants support technology, health, biotech, advertising, social networking, media, gaming, ecommerce, and mobile companies, organizations, and industry associations in all aspects of privacy and data security.

• Regulatory and Public Policy
  • Hintze Law provides strategic counsel on legislative, regulatory, and other policy matters, including crafting tactical input to developing laws, guidelines, standards, and self-regulatory principles.
• Global Privacy and Data Compliance
  • Hintze Law provides guidance on cross-border data transfers and compliance with international data protection laws, working as needed with a hand-picked team of regional counsel.
• Enforcement Defense
  • Hintze Law has extensive experience responding to FTC, Attorneys General, and international data protection authority inquiries and investigations, as well as managing compliance with consent decrees and settlement agreements.
• Privacy and Security Policies and Programs
  • Hintze Law helps clients develop privacy and security policies, training, and programs, including privacy-by-design privacy product reviews, to help build and maintain trust and compliance with privacy and data protection laws.
• Privacy Assessments
  • Hintze Law conducts privacy assessments and reviews at systems and product levels to identify the data clients collect, use, and store; evaluate risks; and provide strategic recommendations and solutions using efficient methods tailored to each client’s size and needs.
• Data Transactions
  • Hintze Law understands the value and pitfalls of consumer data in technology and marketing transactions and helps clients negotiate terms designed to protect data rights, avoid data risks, and meet regulatory and industry privacy requirements.
• Privacy and Security Due Diligence
  • Hintze Law has deep expertise conducting and responding to privacy and security due diligence inquiries in corporate M&A deals and developing cybersecurity and privacy SEC disclosures.
• Data Security and Breaches
  • Hintze Law advises clients on strategies to minimize the risk of data breaches and provides counseling on effectively and efficiently responding to data breach incidents.
• Strategy and Communications
  • Hintze Law works with companies to build privacy into their brands, create competitive differentiation strategies, and develop key messaging.

Health & Biotech: The Hintze Law Health & Biotech Privacy Group provides sophisticated counsel to clients on the complete range of health information privacy and security issues and regularly develops comprehensive privacy and security compliance programs for biotechnology, medical device, digital health, and consumer wellness companies, as well as data analytics and machine learning platforms that work with health information.

• Health Information Privacy and Data Security Compliance
  • Hintze Law provides guidance to covered entities and business associates on compliance with the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH) and related state laws, such as the California Consumer Privacy Act (CCPA).
• Enforcement Defense
  • Hintze Law has extensive experience responding to HHS OCR, FTC, and Attorneys General investigations, as well as managing compliance with consent decrees and settlement agreements.
• Health Information Governance
  • Hintze Law develops customized privacy and security policies, training, and programs for clients, and advises them on maintaining stakeholder and public trust and compliance with health information privacy and security laws.
• Information Blocking
  • Hintze Law advises health information technology companies and app developers on compliance with the information blocking prohibition under the 21st Century Cures Act.
• Privacy and Security Risk Assessments
  • Hintze Law conducts privacy and security risk assessments, including HIPAA security risk assessments, and provides strategic recommendations for remediation tailored to each client’s risk tolerance, size, and business needs.
• Health Information Security Incidents and Breaches
  • Hintze Law advises clients on strategies to minimize data security risks and provides counseling on effectively and efficiently responding to security incidents and data breaches involving health information.
• Data Use Partnerships
  • Hintze Law drafts and negotiates partnership agreements to use and exchange health information to advance scientific research, personalized medicine, and patient care.
• Health Information Risk and Corporate Transactions
  • Hintze Law has deep expertise conducting and responding to privacy and security due diligence inquiries in corporate transactions involving health information, as well as advising on best practice for definitive agreements and post-closing.
• Human Subjects Research
  • Hintze Law works with organizations developing and managing biomedical and behavioral research involving human subjects under the Federal Common Rule, including advising on IRB submissions, privacy protections and research consent documents.
• Strategy and Communications
  • Hintze Law works with companies to build privacy into their brands, create competitive differentiation strategies, and develop key messaging around health information privacy and security.
• Pandemic Response
  • Hintze Law advises clients on privacy and security issues raised by the coronavirus (COVID-19) pandemic, including HHS OCR enforcement discretion, telehealth platforms, telehealth, and return-to-work policies.

Cybersecurity & Breach Response: The Hintze Law Cybersecurity Group provides first-class, strategic counseling on pragmatic solutions to cybersecurity legal requirements, in the trenches guidance on data incidents and breaches, and efficient and effective representation in regulatory investigations.

• Breach Response Support
  • Hintze Law strategically guides clients in all industries in response to data breaches ranging in size from a single record of highly sensitive classified information to tens of millions of records resulting from domestic and foreign cyberattacks, malicious hacking, phishing, advanced persistent threats, ransomware, email compromise, malware, lost and stolen laptops and other data devices, and bad actors within the company such as employee theft of customer lists and sensitive data.
  • Hintze Law counsels clients on HIPAA and HITECH Act security assessments and health data breaches.
• Representation in Privacy and Security Investigations and Inquiries
  • Hintze Law regularly represents clients in privacy and security investigations and inquiries from the Federal Trade Commission, state attorneys general, international data protection authorities, and members of Congress.
  • Hintze Law develops strategies for responding to investigations and reports by media, privacy organizations, and researchers, including on data breaches, security vulnerabilities, and privacy and cybersecurity practices.
  • Hintze Law supports clients on FBI and government investigations of security threats.
  • Hintze Law advises on SEC and government inquiries including disclosures and mitigation responses regarding compromised software (e.g., SolarWinds).
• Incident Response Plans
  • Hintze Law assists clients in a variety of industries including mobile, cloud, telecom, health and financial, from startups to Fortune 50 technology companies in establishing, maintaining, and maturing cybersecurity and data breach response programs.
  • Hintze Law drafts, enhances, and tests privacy and cybersecurity incident response policies, plans, and protocols.
  • Hintze Law provides guidance on PCI-DSS, GLBA, and other laws applicable to financial and credit card data.
• Data Protection Agreements
  • Hintze Law negotiates difficult cybersecurity and breach terms in security addendums, EU and UK SCCs, and other forms of data protection agreements.

Employment Privacy: The Hintze Law Employment Privacy Group has an experienced team ready to help organizations navigate the complex privacy, security, and data protection requirements that apply in the employment context. The group brings years of in-house expertise as well as an understanding of practical, risk-based solutions to the most challenging of employee privacy and security issues.

• Employee Notices
  • Hintze Law develops and implements employee and applicant privacy notices and policies, and employee monitoring policies and processes.
• Cybersecurity
  • Hintze Law guides response to breach of employee and applicant data and sets up cybersecurity programs to protect employee and applicant data and help prevent breaches.
• Retention Policies
  • Hintze Law develops and implements personal information retention and deletion policies and processes.
• Employee Data Requests
  • Hintze Law develops and implements procedures for analyzing and responding to employee and applicant requests to access, correct, and delete personal information.
• Risk Assessments
  • Hintze Law conducts employee privacy and data protection risk assessments.
• Sensitive Data Processing
  • Hintze Law advises on risks and requirements related to biometric, health, and location data collection, background checks, employee monitoring.
• AI & Machine Learning
  • Hintze Law advises on privacy, data protection, and ethics issues regarding AI and machine learning technologies, and automated decision-making in the employment context.
• DEI Programs
  • Hintze Law advises on privacy issues in employee and applicant diversity, equity, and inclusion programs.
• Data Protection Agreements
  • Hintze Law drafts and negotiates data processing agreements with suppliers and partners, including benefits partners.

Artificial Intelligence & Machine Learning: The Hintze Law Artificial Intelligence (AI) & Machine Learning (ML) Group provides sophisticated privacy and data protection counsel to help clients assess and mitigate the legal, regulatory, policy, and reputational risks associated with the development, deployment, and implementation of AI & ML technologies.

• AI Governance & Transparency
  • Hintze Law develops customized privacy, security, and responsible AI policies, processes, training, and programs for clients. Hintze Law also provides guidance for maintaining stakeholder and public trust as well as for compliance with AI & ML related privacy, security, data protection, and digital services laws.
• Generative AI
  • Hintze Law has deep experience counseling clients on the complete range of privacy and security issues posed by Generative AI and regularly develops comprehensive privacy and security compliance programs for Generative AI platforms.
• AI & Employee Privacy
  • Hintze Law has deep experience counseling clients on the complete range of employee and applicant privacy and data protection issues, including strategies for implementing AI & ML practices within client organizations. Hintze Law also regularly develops comprehensive privacy and security compliance programs for AI & ML technologies processing employee and applicant information, including employee monitoring and automated employee decision-making technologies (AEDTs).
• AI & Online Advertising
  • Hintze Law has counseled clients on privacy by design and ethical considerations in training, development, and application of AI systems used for predictive targeted advertising.
• AI & Health Privacy
  • Hintze Law has deep experience counseling clients on the complete range of health information privacy and security issues and regularly develops comprehensive privacy and security compliance programs for AI & ML platforms that analyze patient health care and outcomes.
• AI Risk Assessments
  • Hintze Law conducts AI impact assessments and data protection impact assessments of AI technologies and provides strategic recommendations for remediation tailored to each client’s risk profile, size, and business needs.
• AI Research & Research Review
  • Hintze Law has experience contributing legal and policy analysis to clients’ AI research publications as well as experience reviewing research processes and publications for data privacy, security, and ethics risk.
• Regulatory & Public Policy
  • Hintze Law provides strategic counsel on legislative, regulatory, and other policy matters.
• Strategy & Communications
  • Hintze Law works with companies to build privacy, security, and data ethics into their brands, create competitive differentiation strategies, and develop key messaging.
• Biometrics & Facial Recognition
  • Hintze Law has extensive experience advising on biometric privacy and facial recognition laws and regulations.
• AI Risk & Corporate Transactions
  • Hintze Law has expertise conducting and responding to privacy and security due diligence inquiries in corporate transactions involving AI and ML, as well as advising on best practice for definitive agreements and post-closing.
• Enforcement Defense
  • Hintze Law has extensive experience responding to FTC, Attorneys General, and international data protection authority inquiries and investigations, as well as managing compliance with consent decrees and settlement agreements.