Data Regs Compliance Law Firm to consult?
May 15, 2007 10:51 AM   Subscribe

I am part of an IT department for a biggish small comany. We don't do any retail anything, but we do do government contract work. We want to make sure that we're aware of any data-retention compliance issues that could eventually bite us. I am looking for a law firm we could pay to advise us on this. Can anyone recommend such a firm (or lawyer) from experience? I would rather go on a recommendation than throwing a dart at a Google results page.
posted by everichon to Computers & Internet (4 answers total)
IAAL and data retention is tricky ... For their data generally you should pass this back to your client as it is their responsibility for their data and they should inform you ... however ... For your company (I am assuming that you are publically listed) the first question that should be asked is what national retention laws will need to be met? If only the US life is easier that US, EU, and a collection of Small SE Asian countries (for example). If the requirements are international you should go for an international law firm (Baker and McKenzie, Allen and Overy, Clifford Chance, Eversheads, DLA, Freshfields, etc.). If US only pick a medium to large US firm (although the last mentioned can equally well advise) however the price will be steep for anyone from a good firm with a capital G (and you don't want to know their lawyers hourly rates). Another important aspect is data destruction ... again complex!

If you are not publically listed life is a bit easier (and advice cheaper) and your internal accountants and lawyers may be able to nail it on their own. I would suggest first asking them (either way) as they will certainly have their own profesional advisors.

posted by jannw at 12:51 PM on May 15, 2007

Response by poster: We are not publicly listed; we just don't want to be taken unawares by some recondite requirements down the road.
posted by everichon at 1:26 PM on May 15, 2007

Sent you an email.
posted by bkdelong at 2:34 PM on May 15, 2007

Wow, finally a question I actually have any direct knowledge of.

If you have over 50 employees and (both) do over 50 large with the gov't in a year.... or (usually) do business with the same (first tier subcontractor) you are by contract subject to fedral contract compliance affirmative action obligations. It is the price you as a fedral contractor / subcontractor have to pay for the priviledge of doing business with the government.

Here is the thing, as an IT guy/gal you may not be the first to know about any of this because this is typically HR domain... and frankly HR are usually the last group of folk ...redact/ ill equipt to deal with statistical records and the like... in fact HR depts are not usually even on top of whatever latest changes occur, let alone have the expertise to pull/retain the data needed. Example; the latest definition of an internet applicant of which you are required to track certain things... race sex etc.

There may be other IT specific things you may be required to do, especially in whatever the context of the business is. And to those, I would not be qualified to speak responsibly about.

feel free to pm (hatchetjack/gmail) if anything I described feels like your situation.
posted by hatchetjack at 5:10 PM on May 15, 2007

« Older Similar names, similar fields -- still OK?   |   Where do I get a rigid queen-sized board for a... Newer »
This thread is closed to new comments.