Data, Privacy and Cybersecurity

We are trusted by the world’s leading innovators to handle cutting-edge, mission-critical, and sensitive issues involving data privacy and cybersecurity. Our capabilities are unmatched.

Subscribe to receive our insights.

Our services
Testimonials
Contacts
Our experience
Recognitions
Insights

We handle cutting-edge, mission-critical, and sensitive issues in data and cybersecurity, helping clients govern and protect data to maximize value. With computer science and other technical experience, our lawyers are changemakers advising at the intersection of law, policy, and technology.

Privacy by Design. Big data. The Internet of Things. Wearables. AI. Online behavioral advertising. HIPAA. Data breaches. The privacy and cybersecurity lawyers at Hogan Lovells are influential in key institutions and industries, and we activate our connections to give you the edge – ensuring regulation works for business, not against it. In 2019 our Privacy and Cybersecurity practice was named “Practice Group of the Year” by Law360. In addition, in 2015 we won the first ever Chambers USA Privacy and Data Security Team of the Year award and earned the same distinction again in 2017 and 2022. For many years running, we have been top-ranked by Chambers Global and Legal 500 for Privacy and Data Security as well as in regional Chambers directories that span the United States, Europe, and Asia.

We counsel tech-sector titans in Silicon Valley and major financial services corporations in New York. The auto industry turned to us to help them develop “connected car privacy principles.” We recently handled one of the largest retail data breaches. One of the largest health insurer data breaches. And one of the largest hospital data breaches – all within a few months of one another.

We are at the forefront of legal developments in Europe and around the globe. We help companies as they develop cutting-edge technologies or operate their businesses in new ways, anticipating regulatory and technological change so they stay ahead. With a deeper understanding of commercial dynamics and legislative direction, we focus on what drives our clients’ long-term success.

Cybersecurity continues to evolve. Regulatory growth continues to explode. We have close connections to national and international policymakers. To keep clients apprised, our team publishes our Chronicle of Data Protection, featuring analysis of important developments in privacy policy, along with news bulletins for our multiple-retainer clients. We also offer our 24-hour global privacy hotline, in case of client data emergencies.

Breach Preparedness response Investigation and Communication

Corporate and Commercial Transactions

Health Privacy and Cybersecurity

Privacy and Cybersecurity Public Policy Counselling and Advocacy

Risk Management Governance Compliance

When a cyberattack, breach, or other compromise puts your organization at risk, we guide you through the legal obligations and reputational challenges that follow.

We’ve led clients through some of the most significant and complex breaches worldwide. We develop preparedness strategies for leading companies, advise boards on risk management, and deploy legal and technical resources at a moment’s notice.

Our support spans the full incident lifecycle:

Retaining forensic vendors under privilege
Conducting internal investigations
Engaging with law enforcement and regulators
Leading crisis management and communications
Translating technical findings into practical business and legal risk assessments
Guiding notification obligations
Defending high-stakes litigation

From sector-defining breaches to everyday questions, we are ready to respond.

Data, privacy, and cybersecurity considerations are central to today’s business deals. We help clients identify and address these issues in corporate and commercial transactions, whether negotiating technology and data-sharing agreements, structuring outsourcing arrangements, or evaluating risks in strategic partnerships and acquisitions. Our team ensures that data protection and security obligations are built into contracts from the start, safeguarding value and reducing exposure across industries and jurisdictions.

We guide clients through the full range of health privacy and cybersecurity challenges. Our team advises on HIPAA, HITECH, genetic and research privacy, and emerging issues such as AI and digital health technologies. We help organizations develop and implement compliance programs, manage data breaches and investigations, engage with regulators, and safeguard sensitive health information across clinical, research, and business environments.

We help clients shape and respond to evolving privacy and cybersecurity laws around the world. Our team engages with policymakers, regulators, and industry groups to advocate for practical, business-oriented solutions while ensuring compliance with complex legal frameworks. From monitoring legislative developments to advising on strategy and positioning, we guide clients in advancing their interests and influencing the future of data regulation.

In the information age, data isn’t just a source of value – it’s a source of risk. Organizations must secure networks and systems against internal and external threats, support business needs, and align data practices with legal, regulatory, and industry standards. The question is: How?

We help clients answer that question by building robust privacy and cybersecurity programs. Our team develops governance frameworks, designs compliance strategies, and advises boards and executives on managing risk. From global regulatory alignment to day-to-day operations, we provide practical guidance that reduces exposure, strengthens resilience, and supports long-term business goals.

Hear from our clients and industry leaders

Hogan Lovells has a deep understanding of relevant data privacy and security requirements and provide practical advice which is of the utmost importance when trying to implement laws often unclear and vague.

Chambers & Partners, USA Guide, 2025

Their global reach and deep bench of experts mean they can advise on just about any matter.

Chambers & Partners, Global Guide, 2025

I have complete trust in Hogan Lovells during complex technical and sophisticated matters. It’s evident the firm ensures their team are educated on trends and the impacts of the industry on their clients.

Chambers & Partners, USA Guide, 2025

Key contacts

Marcy Wilder

Partner

Marcy Wilder

Partner

Washington, D.C.

Eduardo Ustaran

Partner

Eduardo Ustaran

Partner

London

Scott T. Loughlin

Partner

Scott T. Loughlin

Partner

Washington, D.C.

Meet the Data, Privacy and Cybersecurity team

Representative experience

Hogan Lovells conducted a comprehensive review of client data privacy and security practices of Bloomberg L.P., culminating in a public report.

We assessed Uber’s customer data privacy program, and made recommendations following negative media reports.

Our team regularly counsels companies on EU privacy developments and compliance strategies, including for the cross-border transfer of personal data.

Engaged in a 120-country analysis of privacy laws relevant to financial institutions and consulting services for a consulting firm.

We performed an intensive review of privacy safeguards, and prepared a strategic plan for a defense contractor's privacy and data protection program.

Our team advised a leading payment card issuer on privacy and data security contracting issues relating to the launch of a mobile payments platform.

We represented the Future of Privacy Forum in FTC, FCC, NIST, and state regulatory actions concerning smart grid, broadband, and other emerging issues.

Our team was recognized by The Financial Times, which shortlisted us for its 2015 North America Innovative Lawyers competition.

Awards and recognitions

Band 1 for Data Protection

Chambers & Partners, Global Guide

2013-2025

Band 1 for Data Protection

Chambers & Partners, Europe Guide

2020-2025

Band 1 for Privacy and Data Security: The Elite

Chambers & Partners, USA Guide

2011-2025

Band 1 for Data Protection and Information Law

Chambers & Partners, UK Guide

2021-2025

Band 1 for TMT: Data Protection

Chambers & Partners, Asia-Pacific Guide

2024-2025

Recognized as a top firm for Privacy and Data Security: Healthcare

Chambers & Partners, USA Guide

2019-2025

Tier 1 for UK Data Protection

Legal 500 UK

2019-2025

Data Protection and Cybersecurity – Hong Kong

Legal 500 Asia-Pacific

2025

Privacy and Data Security Law Firm of the Year

Chambers & Partners USA

2015, 2017, 2022

Navigate change with our latest insights

News

The Data Chronicles | AI Issue Spotting: What is AI?

09 September 2025

News

Asia-Pacific privacy authorities publish data anonymisation guide

11 August 2025

News

Thailand ramps up data protection enforcement

11 August 2025

News

Indonesia lowers threshold for mandatory Data Protection Officer appointment

08 August 2025

Chronicle of Data Protection

Global insight, legal foresight: Data, privacy and cybersecurity unlocked.

Learn more

We handle cutting-edge, mission-critical, and sensitive issues in data and cybersecurity, helping clients govern and protect data to maximize value. With computer science and other technical experience, our lawyers are changemakers advising at the intersection of law, policy, and technology.

Explore our capabilities

Breach Preparedness response Investigation and Communication

Corporate and Commercial Transactions

Health Privacy and Cybersecurity

Privacy and Cybersecurity Public Policy Counselling and Advocacy

Risk Management Governance Compliance

Hear from our clients and industry leaders

Hogan Lovells has a deep understanding of relevant data privacy and security requirements and provide practical advice which is of the utmost importance when trying to implement laws often unclear and vague.

Their global reach and deep bench of experts mean they can advise on just about any matter.

I have complete trust in Hogan Lovells during complex technical and sophisticated matters. It’s evident the firm ensures their team are educated on trends and the impacts of the industry on their clients.

Key contacts

Representative experience

Awards and recognitions

Band 1 for Data Protection

Band 1 for Data Protection

Band 1 for Privacy and Data Security: The Elite

Band 1 for Data Protection and Information Law

Band 1 for TMT: Data Protection

Recognized as a top firm for Privacy and Data Security: Healthcare

Tier 1 for UK Data Protection

Data Protection and Cybersecurity – Hong Kong

Privacy and Data Security Law Firm of the Year

Navigate change with our latest insights

Singapore High Court clarifies scope of deemed consent and actionable loss under the PDPA

The Data Chronicles | The Trump Administration & AI

Response to ICO call for views on international data transfers guidance

Asia-Pacific privacy authorities publish data anonymisation guide

Thailand ramps up data protection enforcement

Indonesia lowers threshold for mandatory Data Protection Officer appointment

Chronicle of Data Protection

You may also be interested in...