Data Privacy and Security Agreements: Defining, Allocating, and Mitigating Risks From Data Security Breaches
Recording of a 90-minute CLE video webinar with Q&A
This CLE course will provide business counsel with tactics for drafting and enforcing data privacy and security agreements in the wake of the ever-increasing incidence of data security breaches. The speakers will address contractual provisions for allocating and mitigating risk and compliance with key regulatory regimes like the EU General Data Protection Regulation (EU GDPR), the UK General Data Protection Regulation (UK GDPR), the California Consumer Privacy Act (CCPA), and the latest California Privacy Rights Act of 2020 (CPRA).
Outline
- Lessons for businesses from recent data security breaches
- Critical clauses to address privacy and security risks in vendor agreements
- Enforcing privacy and security provisions in vendor contracts
Benefits
The panel will review these and other high priority issues:
- Best practices to mitigate risk when drafting data privacy and security provisions in vendor agreements
- Privacy and data security contract terms most frequently included
- Strategies for encouraging vendor compliance and overcoming enforcement challenges
- Learn real-world techniques for mitigating risk
Faculty
Michael R. Overly
Partner
Foley & Lardner
Mr. Overly focuses his practice on drafting and negotiating technology related agreements, software licenses, hardware... | Read More
Mr. Overly focuses his practice on drafting and negotiating technology related agreements, software licenses, hardware acquisition, development, disaster recovery, outsourcing agreements, information security agreements, e-commerce agreements, and technology use policies. He counsels clients in the areas of technology acquisition, information security, electronic commerce, and on-line law. He is the co-author of A Guide to IT Contracting: Checklists, Tools and Techniques (CRC Press, 2012).
Close
Susan L. Ross
Senior Counsel
Norton Rose Fulbright US
Ms. Ross’ practice focused on technology and U.S. privacy matters. Her extensive experience with technology and... | Read More
Ms. Ross’ practice focused on technology and U.S. privacy matters. Her extensive experience with technology and technology contracts includes negotiating, drafting, and interpreting over 10,000 computer hardware and software, SaaS, consulting, outsourcing, Internet, electronic signatures, web hosting, application service providers and non-disclosure agreements, many of which were for a federal government contractor. Ms. Ross also handles U.S. privacy matters, including security breach laws, as well as assisting clients with their questions and compliance efforts relating to Red Flag Rule, Health Insurance Portability and Accountability Act Privacy and Security Rules, Gramm-Leach-Bliley, Telephone Consumer Protection Act, CAN-SPAM, California Consumer Privacy Act, and Fair and Accurate Credit Transactions Act. Sue has assisted clients with privacy and information security questions relating to the Payment Card Industry standards, provided counseling on a wide variety of matters that raised privacy issues, and created privacy policies (including Binding Corporate Rules) for corporations, as well as for websites. Ms. Ross is part of the firm's FinTech team, frequently speaking and writing on cryptocurrency, blockchain, and smart contract issues.
Close