Tag Archives: indemnification

Cyber Insurance: An Efficient Way to Manage Security and Privacy Risk in the Cloud?

As organizations of all stripes increasingly rely on cloud computing services to conduct their business, the need to balance the benefits and risks of cloud computing is more important than ever. This is especially true when it comes to data security and privacy risks. However, most Cloud customers find it very difficult to secure favorable contract terms when it comes to data security and privacy. While customers may enjoy some short term cost-benefits by going into the Cloud, they may be retaining more risk then they want (especially where Cloud providers refuse to accept that risk contractually). In short, the players in this industry are at an impasse. Cyber insurance may be a solution to help solve the problem. … Continue Reading

Cloud Providers Competing on Data Security & Privacy Contract Terms

I ran across an interesting article in PC World the other day concerning a head-to-head competition between Google Apps (Google’s SaaS offering) and Microsoft’s Office to provide certain day-to-day applications to the City of Los Angeles.  The end result of this competition is that Google will be providing Google Apps (SaaS) to the City of Los … Continue Reading

Developing an Information Security and Privacy Schedule for Service Provider Transactions (Part Two)

In Part One of this blog series, we looked at the proactive nature of a data security and privacy schedule ("Schedule"), and considered the compliance function of a Schedule.  Part Two of this series discusses security incident response contract terms that should be considered for a Schedule.  In addition, we look at more traditional "risk … Continue Reading

Developing an Information Security and Privacy Schedule for Service Provider Transactions

It is a very interesting time for information security and privacy lawyers. Information technology and the processing, storage and transmitting of sensitive and personal information is ubiquitous. At the same time (and likely as a result of this ubiquity) the legal risk and regulatory compliance environment poses increased threats and potential for significant liability. Finally, … Continue Reading

Information Security Clauses and Certifications – Part 1

Service contracts that involve protected personal information should include provisions allocating responsibility for protecting that information and responding to security breaches. Increasingly, this means incorporating specific references to applicable laws and information security standards, and often certifications of conformance. … Continue Reading
LexBlog