small-logo
ProfessionalsCapabilitiesInsights & NewsCareersLocations
About UsAlumniOpportunity & InclusionPro BonoCorporate Social Responsibility
Stay Connected:
facebookinstagramlinkedintwitteryoutube
Site Search

Capabilities 56 results

Practice Area

Privacy & Data Security

Winston takes a strategic approach to privacy and data security, integrating our extensive capabilities across practices to provide our clients with cutting-edge privacy and data security counseling, crisis management, security incident investigation and notification management, defense of data security class action litigation and regulatory inquiries, and international data protection. Our Global Privacy & Data Security Practice features a core team of privacy professionals and is bolstered by more than 40 attorneys from a variety of other disciplines firmwide. Our team combines compliance counselors, transactional lawyers, former government regulators and federal prosecutors, seasoned investigators, and experienced litigators. Few firms can rival our in-depth, sophisticated, and integrated experience in this area....Read more

Practice Area

Privacy: Regulated Personal Information (RPI)

Winston’s Regulated Personal Information (RPI) Practice offers seamlessly integrated counseling and litigation services to companies looking for practical and solution-oriented assistance navigating the compliance, regulatory, and private class action enforcement risks presented by the emerging patchwork of complex (and often conflicting) privacy laws in the United States and beyond....Read more

Practice Area

Advertising Litigation

Brands across key sectors turn to Winston litigators to defend their reputations in advertising class actions, competitor disputes, and investigations. With litigators based in the U.S.’s busiest jurisdictions—including courts in California, Florida, Illinois, New York, and Texas—we have deep experience and prowess in handling some of the most high-profile and business-essential advertising cases in recent history. These disputes have involved false advertising; unfair competition, unfair business practices, and unjust enrichment; copyright, trade name, and service mark infringement; consumer-protection claims; and violations of the Lanham Act....Read more

Experience 3 results

Experience

|

October 1, 2023

Class Action Plaintiff Sent Packing After Winston Secures Enforcement of Binance’s Terms of Use

A Winston team secured a decisive victory for a major cryptocurrency exchange (and provided a potential roadmap for other online businesses seeking to enforce arbitration clauses in their terms of service) this week when a federal judge granted a motion to compel arbitration....Read more

Experience

|

August 27, 2021

GenNx360's Majority Investment in Whitsons Culinary Group

Winston & Strawn LLP represented GenNx360 Capital Partners, a New York City-based private equity firm investing in middle market business-to-business industrial and business services companies, in its majority investment in Whitsons Culinary Group, which leads the industry with its customized services, innovative programs, commitment to quality, focus on nutrition, local sourcing, and community support. Its services include school nutrition, residential and healthcare dining, prepared meals, and emergency dining. GenNx360’s operational expertise and track record of building platforms will continue to drive Whitson’s next phase of rapid growth. GenNx360's investment will enable Whitsons to focus on driving their mission of Enhancing Life One Meal at a Time™....Read more

Experience

|

July 30, 2021

Norwest Equity Partners' Sale of Focal Point Data Risk, LLC and Focal Point Federal, LLC to CDW Technologies LLC

Winston & Strawn LLP represented Norwest Equity Partners (“NEP”), a leading middle-market investment firm founded in 1961, in the sale of its portfolio company, Focal Point Data Risk (or the “Company”), a leading data risk management services company, to CDW Corporation (Nasdaq: CDW), a leading multi-brand provider of information technology solutions. Serving mid-to-large enterprises and governments in the United States and internationally, Focal Point offers solutions that help companies secure their business so they can grow and innovate without risk. Solutions offered include professional and managed services across identity and access management, cybersecurity and data privacy, cyber defense, cyber skills development, and other risk consulting services....Read more

Insights & News 1,340 results

Investigations, Enforcement, & Compliance Alerts

|

February 18, 2026

|

3 Min Read

Beyond the CMMC: New Cybersecurity Assessments for Government Contractors

The General Services Administration (GSA) recently announced changes to procedural guidance that may affect contractor eligibility for GSA contracts. GSA issued the IT Security Procedural Guide: Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations Process CIO-IT Security-21-112, which set out a cybersecurity framework for protecting CUI that is similar to the Cybersecurity Maturity Model Certification (CMMC) for DoD contracts. 

Benefits Blast

|

February 3, 2026

|

3 Min Read

Group Health Plans Must Update HIPAA Notices by February 16 to Address New SUD Privacy Rules

Covered entities, including group health plans, must update and distribute their Health Insurance Portability and Accountability Act of 1996 (HIPAA) Notice of Privacy Practices (NPP) by February 16, 2026, to comply with new rules for handling substance use disorder ) records.

Recognitions

|

January 30, 2026

|

1 Min Read

Winston Trademark Team Recognized in the WTR 1000 2026 Rankings

Winston & Strawn was recognized in the 2026 World Trademark Review (WTR) 1000 rankings. WTR undertakes exhaustive qualitative research to identify the leading professionals and firms that are deemed outstanding at obtaining, protecting, managing, enforcing, and monetizing trademarks....Read more
View All Insights & News

Other Results 60 results

Site Content


Privacy Policy

Law Glossary

What Is Privacy Compliance Law?

The area of privacy compliance law addresses how organizations meet legal and regulatory requirements for collecting, processing, or maintaining personal information. Data privacy breaches can lead to regulatory investigations and fines. When privacy is compromised, consumers or employees may respond with civil lawsuits. It is recommended, but not required by a federal law, that companies create and post privacy policies on websites and mobile apps. Once posted, companies must follow these policies or face scrutiny by the Federal Trade Commission. (California and Delaware state law does require privacy policies to be posted on websites and mobile applications, if the site collects personally identifiable information)....Read more

Law Glossary

What Is Privacy Audit Law?

A privacy audit, also known as a privacy compliance audit, is an assessment tool that looks at an organization’s privacy protection policies and procedures, specifically in light of current relevant laws or regulatory requirements. The audits may be conducted by private organizations or by government agencies that are verifying a company’s regulatory compliance. In terms of privacy audit law, the FTC can conduct audits of organizations and take action when a company is improperly securing private information. Action is taken under the FTC Act, which covers unfair trade practices. Health Insurance Portability and Accountability Act audits are also conducted to ensure that providers are following HIPAA law and protecting private health information....Read more
Logo
facebookinstagramlinkedintwitteryoutube

Copyright © 2026. Winston & Strawn LLP

AlumniCorporate Transparency Act Task ForceDEI Compliance Task ForceEqual Rights AmendmentLaw GlossaryThe Oval UpdateWinston MinutePrivacy PolicyCookie PolicyFraud & Scam AlertsNoticesSubscribeAttorney Advertising