BarbriSFCourseDetails
  • videocam On-Demand
  • card_travel Commercial Law
  • schedule 90 minutes

Integrating Information Security Protections in Supplier Agreements: Guidance for Business and Technology Counsel

Evaluating Data Security Risks, Negotiating Contractual Protections, Monitoring Supplier Performance

$297.00

This course is $0 with these passes:

CLE
ALL
  1. keyboard_arrow_leftBack
BarbriPdBannerMessage

Description

Designing an information security protocol requires a unified approach that includes robust security policies, ongoing employee education, and effective technology systems (firewalls, encryption, etc.). Company counsel must ensure continuous security audits and well-drafted contracts with business partners and other suppliers that specifically address information security. Any agreement that permits third-party access to a company's network, facilities, data, or confidential information should include ironclad information security protocols.

Incorporating information security into technology contracts involves three critical components: 1. internal and supplier due diligence; 2. contractual protections; and 3. information handling and security procedures and requirements, generally in the form of contract exhibits. Counsel should notify suppliers at the outset that the information they provide during information security due diligence will be relied upon during vendor selection and become part of the contract.

When drafting supplier contracts, business and technology counsel should broadly define confidentiality to include all potentially private information. Agreements should limit the use of subcontractors, address personnel due diligence, and use warranties and indemnity provisions to limit risk. Where appropriate, counsel should attach specific information handling requirements as an exhibit to the contract.

Listen as our authoritative panel explains best practices for integrating information security protections in the supplier contracting process. The panel will discuss key provisions to include in supplier agreements and considerations for customers and vendors during due diligence, contract negotiations, and post-execution.

Presented By

Michael R. Overly
Partner
Foley & Lardner LLP

Michael R. Overly is a partner and intellectual property lawyer with Foley & Lardner LLP where he focuses on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and on-line law. Michael is a member of the Technology Transactions, Cybersecurity, and Privacy and Privacy, Security Information Management Practices. Michael is one of the few practicing lawyers who has satisfied the rigorous requirements necessary to obtain the Certified Information System Auditor (CISA), Certified Information Privacy Professional (CIPP), Certified Information Systems Security Professional (CISSP), Information Systems Security Management Professional (ISSMP), Certified Risk and Information System Controls (CRISC), and Certified Outsourcing Professional (COP) certifications. Mr. Overly’s numerous articles and books have been published in the United States, Europe, Korea, and Japan. He has been interviewed by a wide variety of print and broadcast media (e.g., the New York Times, Los Angeles Times, Business 2.0, Newsweek, ABCNEWS.com, CNN, and MSNBC) as a nationally recognized expert on technology and security related matters. In addition to conducting seminars in the United States, Norway, Japan, and Malaysia, Mr. Overly has testified before the U.S. Congress regarding online issues.

expand_circle_down Expand to View Full Bio expand_circle_up Collapse Bio
Credit Information

  • This 90-minute webinar is eligible in most states for 1.5 CLE credits.


  • Live Online


    On Demand

Date + Time

  • event

    Tuesday, May 25, 2021

  • schedule

    1:00 p.m. ET./10:00 a.m. PT

  1. Overview
  2. Internal and vendor due diligence
  3. Contractual protections
  4. Information handling and security procedures and requirements

The panel will review these and other key issues:

  • What types of business information require security protection and why are contractual protections important?
  • What mistakes do businesses make when designing a comprehensive security protocol?
  • What issues should business counsel address during initial internal due diligence? What should counsel address in supplier due diligence?
  • What are the contractual protections to include in supplier agreements?
  • What issues should business counsel anticipate when negotiating with suppliers?