In addition to the direct consequences of a data security incident, many companies that suffer data breaches must face lawsuits. In a recent webinar, Mintz Levin members Meredith Leary, Kevin McGinty and Mark Robinson discussed the various types of data security litigation and gave advice on how companies can best prepare for the likelihood of a lawsuit after a data breach. This article, the first in a two-part series, features their insight on how companies can put themselves in the best position now to defend their actions later. The panelists also identified threshold questions that companies can ask themselves during an internal investigation following a data breach. In the second article, they further explore best practices for internal investigations and common defenses in data breach class actions. See also “Liability Lessons from Data Breach Enforcement Actions” (Nov. 11, 2015).