Data Privacy and Security Agreements: Defining, Allocating and Mitigating Risks From Data Security Breaches

Recording of a 90-minute CLE webinar with Q&A

Conducted on Tuesday, November 27, 2018

Recorded event now available

or call 1-800-926-7926
Program Materials

This CLE webinar will provide business counsel with tactics for drafting and enforcing data privacy and security agreements in the wake of the ever-increasing incidence of data security breaches. The speakers will address effective contractual provisions for allocating and mitigating risk, as well as compliance with new regulatory regimes like the GDPR and the California Consumer Privacy Act of 2018.


As the amount of data that businesses collect, new and evolving uses for data, and threats to the privacy and security of data continue to grow exponentially, there is an increased urgency for companies to negotiate reasonable, effective, and enforceable data privacy and security provisions in contracts with their vendors.

The recent Aadhaar, Facebook, and Under Armour data security breaches are the latest reminder that all organizations are likely to experience a breach at some point, putting trade secrets, confidential information, and personal information of consumers and employees at risk and exposing businesses to liability. Sweeping new laws like the European Union’s GDPR and the California Consumer Privacy Act seek to address some of these risks and provide additional reasons to include robust privacy, data security, and risk allocation terms in vendor agreements where sensitive data is being shared or accessed.

Through carefully drafted data privacy and security provisions in agreements, counsel can help businesses allocate and mitigate the risks resulting from data security breaches. Other essential risk mitigation clauses include insurance, indemnity and limitation of liability.

Listen as our panel of seasoned data privacy attorneys explains best practices for drafting data privacy and security provisions in vendor agreements. They will discuss new and evolving risks to data privacy and security and specific clauses that should be included in data privacy and security provisions to help allocate and mitigate risk, and to withstand challenges to enforcement.



  1. Lessons for businesses from recent data security breaches
  2. Critical clauses to address privacy and security risks in vendor agreements
  3. Enforcing privacy and security provisions in vendor contracts


Our panel will review these and other high priority issues:

  • Best practices to mitigate risk when drafting data privacy and security provisions in vendor agreements
  • Privacy and data security contract terms most frequently included
  • Overcoming enforcement challenges


Forsheit, Tanya
Tanya Forsheit

Frankfurt Kurnit Klein & Selz

Ms. Forsheit is Chair of the Privacy & Data Security Group, and a partner in the Technology & Digital Media,...  |  Read More

Klein, Sharon
Sharon R. Klein

Pepper Hamilton

Ms. Klein chairs the firm’s Privacy, Security and Data Protection practice and leads both the Technology practice...  |  Read More

Nisenbaum, Alex
Alex C. Nisenbaum

Pepper Hamilton

Mr. Nisenbaum’s practice is focused on technology transaction and data privacy and security matters. He advises...  |  Read More

Other Formats
— Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include program handouts. To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video