By drafting policies that companies can follow, Scott & Scott helps mitigate the risk of an FTC or regulatory investigation, or unfair competition claim, based on failure to follow enumerated privacy and security policies.  We have helped clients design privacy and security policies that comply with Sarbanes-Oxley, the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA), as well as numerous state and industry regulations. Our goal is to develop policies that satisfy the most stringent laws applicable to businesses.  To ensure that policies comply with all applicable state and federal laws and regulations, Scott & Scott works with companies to conduct a detailed inventory of sensitive data throughout the corporation, review controls being used to monitor and protect sensitive data, and analyze internal procedures designed to guarantee that Opt-In and Customer Privacy Preference choices are honored.  Our team also defines access controls for executives, employees, temporary employees, and contract labor.