small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search

Capabilities 62 results

Practice Area

Privacy & Data Security

Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with
cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security
class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core tea...Read more...Read more

Practice Area

Privacy: Regulated Personal Information (RPI)

Winston’s Regulated Personal Information (RPI) Practice offers seamlessly integrated counseling and litigation services to companies looking for practical and
solution-oriented assistance navigating the compliance, regulatory, and private class action enforcement risks presented by the emerging patchwork of
complex (and often conflicting) privacy laws in the United States and beyond....Read more

Practice Area

Class Actions & Group Litigation

Winston has developed a consistent record of success handling class action cases in state and federal courts. The practice is anchored by seasoned class
action lawyers, many of whom have been recognized by Chambers USA and other ranking organizations as being top practitioners in their field. Our clients
rely on us to steer them through class action matters by drawing on the firm’s significant experience in resolving complex litigation using creativ...Read more...Read more

Insights & News 1,964 results

Client Alert

|

May 16, 2025

|

3 Min Read

CFPB Plans to Close Repeat Offender Registry

In a notice published in the Federal Register on May 14, the CFPB announced its intent to close its repeat offender registry by rescinding its rule requiring
nonbank financial entities to report public orders entered against them to the Bureau and to file annual compliance reports.[1] The notice follows the
Bureau’s brief press release last month announcing that it was considering eliminating the registry and would no longer prioritize enforcement o...Read more...Read more

Competition Corner

|

May 16, 2025

|

7 Min Read

The New Antitrust Frontier: How the “Most-Favored Nation” (MFN) Executive Order Targets Drug Pricing Power

In a marked shift toward competition-focused healthcare policy, the latest Executive Order on drug pricing reflects the Administration’s expanding use of antitrust tools to address high pharmaceutical costs. Framed around the “most-favored-nation” principle, this initiative is more than a pricing measure—it signals a broader regulatory agenda that targets market power and pricing disparities long shielded from traditional enforcement. Here’s what companies across the healthcare sector need to know.

Seminar/CLE

|

May 13, 2025

2025 Health Care & Life Sciences Summit

Winston & Strawn is pleased to host its fifth annual Health Care & Life Sciences Summit. Clients and friends of the firm are invited to join us to network with
peers and gain insights from industry leaders and legal experts. The summit will take place live at our Chicago office, and CLE-eligible recordings of the
Summit’s sessions will be available shortly following the event....Read more
View All Insights & News

Other Results 77 results

Law Glossary

What Is Privacy Compliance Law?

The area of privacy compliance law addresses how organizations meet legal and regulatory requirements for collecting, processing, or maintaining personal
information. Data privacy breaches can lead to regulatory investigations and fines. When privacy is compromised, consumers or employees may respond
with civil lawsuits. It is recommended, but not required by a federal law, that companies create and post privacy policies on websites and mobile ...Read more...Read more

Law Glossary

What Is Data Breach and Data Security Law?

Within 48 U.S. states and the District of Columbia, data breach and data security laws require organizations and government agencies to provide notifications
of security breaches when they involve personally identifiable information. Companies may also be required by state data breach laws to act to minimize the
effects of a breach. The FTC can investigate companies that do not adhere to their stated privacy policies and do not have safeguards to protect ...Read more...Read more

Law Glossary

What Is the General Data Protection Regulation (GDPR) Law?

The European Union General Data Protection Regulation (GDPR) law is an act, applied across the Union, which directs data privacy. The GDPR law is designed
to protect the data privacy of all EU citizens and guide organizational approaches to handling data, as well as transferring it across borders. Under the GDPR,
breach notification is mandatory within 72 hours if the breach is likely to “result in a risk for the rights and freedoms of individuals.” The GDPR ap...Read more...Read more
Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2025. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising

We, our service providers, and other third parties use cookies and other analytics, advertising, and tracking technologies on this site. Your information, including personal information and interactions with this site, may be monitored, recorded, or collected through these tools and further used or disclosed by us, our service providers, and authorized third parties. For more details, please visit our privacy policy.