Data Privacy and Security Agreements: Defining, Allocating, and Mitigating Risks From Data Security Breaches
Course Details
- smart_display Format
On-Demand
- signal_cellular_alt Difficulty Level
- work Practice Area
Commercial Law
- event Date
Tuesday, March 29, 2022
- schedule Time
1:00 p.m. ET./10:00 a.m. PT
- timer Program Length
90 minutes
-
This 90-minute webinar is eligible in most states for 1.5 CLE credits.
This CLE course will provide business counsel with tactics for drafting and enforcing data privacy and security agreements in the wake of the ever-increasing incidence of data security breaches. The speakers will address contractual provisions for allocating and mitigating risk and compliance with key regulatory regimes like the EU General Data Protection Regulation (EU GDPR), the UK General Data Protection Regulation (UK GDPR), the California Consumer Privacy Act (CCPA), and the latest California Privacy Rights Act of 2020 (CPRA).
Ms. Ross’ practice focused on technology and U.S. privacy matters. Her extensive experience with technology and technology contracts includes negotiating, drafting, and interpreting over 10,000 computer hardware and software, SaaS, consulting, outsourcing, Internet, electronic signatures, web hosting, application service providers and non-disclosure agreements, many of which were for a federal government contractor. Ms. Ross also handles U.S. privacy matters, including security breach laws, as well as assisting clients with their questions and compliance efforts relating to Red Flag Rule, Health Insurance Portability and Accountability Act Privacy and Security Rules, Gramm-Leach-Bliley, Telephone Consumer Protection Act, CAN-SPAM, California Consumer Privacy Act, and Fair and Accurate Credit Transactions Act. Sue has assisted clients with privacy and information security questions relating to the Payment Card Industry standards, provided counseling on a wide variety of matters that raised privacy issues, and created privacy policies (including Binding Corporate Rules) for corporations, as well as for websites. Ms. Ross is part of the firm's FinTech team, frequently speaking and writing on cryptocurrency, blockchain, and smart contract issues.
Mr. Overly focuses his practice on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and on-line law. He is the co-author of A Guide to IT Contracting: Checklists, Tools and Techniques (CRC Press, 2012).
The amount of data businesses collect, new and evolving uses for data, and data privacy and security threats continue to grow exponentially. Companies have an increased urgency to negotiate reasonable, valid, and enforceable data privacy and security provisions in contracts with their vendors.
Recent high profile data security breaches demonstrate that any organization may experience a breach. Data breaches put trade secrets, confidential information, and the personal information of consumers and employees at risk--and expose businesses to liability. Sweeping laws like the EU GDPR, UK GDPR, CCPA, and CPRA encourage businesses to implement robust privacy, data security, and risk allocation where personal data is stored, shared, or accessed.
Through carefully drafted data privacy and security provisions in agreements, counsel can help businesses allocate and mitigate the risks resulting from data security breaches. Other essential risk mitigation clauses include security measure standards, insurance, indemnity, and limitation of liability.
Listen as our panel of seasoned data privacy attorneys explains best practices for drafting data privacy and security provisions in vendor agreements. They will discuss evolving data privacy and security risks and specific clauses to allocate and mitigate risk and encourage vendor compliance.
- Lessons for businesses from recent data security breaches
- Critical clauses to address privacy and security risks in vendor agreements
- Enforcing privacy and security provisions in vendor contracts
The panel will review these and other high priority issues:
- Best practices to mitigate risk when drafting data privacy and security provisions in vendor agreements
- Privacy and data security contract terms most frequently included
- Strategies for encouraging vendor compliance and overcoming enforcement challenges
- Learn real-world techniques for mitigating risk
Related Courses
USTR Final Action on Port Entry Fees for Chinese-Operated, -Owned, and -Built Vessels; Non-U.S. Built Vehicle Carriers
Tuesday, May 6, 2025
1:00 p.m. ET./10:00 a.m. PT
Supply Agreements: Structuring Defense, Indemnity, and Insurance Provisions
Thursday, May 29, 2025
1:00 p.m. ET./10:00 a.m. PT
M&A Asset Sales vs. Stock Sales: Pros and Cons of Each Structure, Buyer and Seller Preferences, Negotiation Strategies
Friday, May 23, 2025
1:00 p.m. ET./10:00 a.m. PT