Drafting Vendor Agreements to Comply With California Privacy Rights Act: Requirements Beyond CCPA and GDPR
New Privacy Enforcement Authority, Compliance, and Accountability Standards; Sensitive Personal Information
A live 90-minute CLE video webinar with interactive Q&A
This CLE webinar will guide business and technology counsel on drafting and updating technology vendor agreements to meet the privacy requirements of the California Privacy Rights Act (CPRA) that was approved on Nov. 3, 2020. The panel will discuss the evolving privacy landscape and provide practical advice to ensure that businesses abide by the stricter protections for consumers by reviewing requirements for compliance, differences in the scope of application with the California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDRP), and due diligence tactics for evaluating existing technology vendor agreements.
Outline
- History of CPRA/CPPA/GDPR
- Changes in CPRA
- New criteria for which businesses are regulated
- The new category of "sensitive personal information"
- New and expanded consumer privacy rights
- Creates a new privacy enforcement authority
- Performing due diligence on existing vendor agreements for CPRA compliance
- Drafting new vendor contracts or amending existing contracts: language to include
- Tips for implementing an effective vendor risk management program
Benefits
The panel will review these and other relevant topics:
- What are the major expansions of privacy regulations under CPRA?
- What are the key features of CPRA as it relates to vendor relationships and risk exposure?
- How does one determine if a business is subject to CPRA and what constitutes "sensitive personal information"?
- What are steps companies and their counsel should take immediately to ensure vendor agreements comply with CCPA?
- What effect will the California privacy enforcement authority have on compliance with CPRA?
- How have GDPR principles been incorporated into CPRA?
Faculty

Aaron J. Burstein
Partner
Kelley Drye & Warren
Mr. Burstein provides legal advice on privacy, information security, and marketing laws and best practices, including... | Read More
Mr. Burstein provides legal advice on privacy, information security, and marketing laws and best practices, including compliance with federal and state laws throughout the U.S. As regulations such as the California Consumer Privacy Act (CCPA) bring significant changes to the legal landscape, he helps clients evolve their business practices to manage risk. In addition to counselling clients on the privacy and security issues that come up in the course of day-to-day business, Mr. Burstein also advises clients on legislative and regulatory developments affecting cutting-edge technologies such as drones and connected vehicles.
Close
Alan L. Friel
Partner
Baker & Hostetler
Mr. Friel leads the firm’s U.S. Consumer Privacy practice, which counsels clients on compliance with the... | Read More
Mr. Friel leads the firm’s U.S. Consumer Privacy practice, which counsels clients on compliance with the California Consumer Privacy Act (CCPA) and other data privacy regimes, as well as the Firm’s retail, restaurant and e-commerce industry initiative. Notably, he is BakerHostetler’s California Digital Assets and Data Management Leader.
Close
David Manek
Senior Managing Director
Ankura Consulting Group
Mr. Manek's global practice focuses on data analytics, cyber, data privacy, e-discovery, and digital... | Read More
Mr. Manek's global practice focuses on data analytics, cyber, data privacy, e-discovery, and digital forensics. He specializes in providing expert consulting services to organizations involved in large, complex, data-intensive regulatory change management projects.
CloseLive Webinar
Buy Live Webinar
Live Webinar
$297