Integrating Information Security Protections In Supplier Agreements: Guidance for Business and Technology Counsel

Evaluating Data Security Risks During Due Diligence, Negotiating Contractual Protections, Monitoring Supplier Performance

Recording of a 90-minute CLE webinar with Q&A

Conducted on Tuesday, February 7, 2017
Recorded event now available

This CLE webinar will provide guidance to business and technology counsel for incorporating information security protocols into supplier contracts. The program will discuss due diligence strategies, specific clauses that should be included in agreements, and effective tactics for monitoring supplier performance and compliance with contractual terms and relevant privacy and security laws.


Designing an information security protocol requires a unified approach comprised of strong security policies, ongoing employee education, effective technology systems (firewalls, encryption, etc.), continuous security audits, and well drafted contracts with business partners and other suppliers that specifically address information security. Any agreement that gives a third party access to a company’s network, facilities, data or confidential information should include ironclad information security protocols.

Incorporating information security into technology contracts involves three critical components: 1. internal and supplier due diligence; 2. contractual protections; and 3. information handling and security procedures and requirements, generally in the form of contract exhibits. Suppliers should be notified from the outset that the information they provide during information security due diligence will be relied upon during vendor selection and will become part of the contract.

When drafting supplier contracts, business and technology counsel should broadly define confidentiality to include all potentially confidential information. Contracts should limit the use of subcontractors, address personnel due diligence, and use warranties and indemnity provisions to limit risk. Where appropriate, specific information handling requirements should be attached as an exhibit to the contract.

Listen as our authoritative presenter explains best practices for integrating information security protections in the supplier contracting process. The presenter will discuss key provisions that should be included in supplier agreements and considerations for customers and vendors during due diligence, contract negotiations and post-execution.


  1. Overview
  2. Internal and vendor due diligence
  3. Contractual protections
  4. Information handling and security procedures and requirements


The speaker will address these and other key issues:

  • What types of business information require security protection and why are contractual protections important?
  • What mistakes do businesses make when designing a comprehensive security protocol?
  • What issues should business counsel address during initial internal due diligence? What should be addressed in supplier due diligence?
  • What key contractual protections should be included in supplier agreements?
  • What issues should business counsel anticipate when negotiating with suppliers?


Matthew A. Karlyn, Partner
Foley & Lardner, Boston

Mr. Karlyn has extensive experience with transactions relating to outsourcing and information technology, including IT outsourcing, business process outsourcing, application development, data center leasing, development and managed services, technology licensing, cloud computing transactions, systems integration, privacy, security and information management issues, co-location and software development.


CLE On-Demand - Streaming Video

Includes recorded streaming video of full program plus PDF handouts.

On-demand is the only recorded format recognized for CLE credits in DE, IN, KS, LA, MS, NC, OH, OK, SC, TN, VA, WI.

AK, AZ, CA, CO, CT, DE, FL, GA, HI, IA, ID, IL, IN*, KS, KY, LA, ME, MN, MO, MT, NC, ND, NH**, NJ, NM, NV, NY, OH*, OK, OR, PA, SC, TN, TX, UT, VA, VT, WA, WI, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

*Only available for attorneys admitted for more than two years. For OH CLE credits, only programs recorded within the current calendar year are eligible - contact the CLE department for verification.

**NH attendees must self-determine if a program is eligible for credit and self-report their attendance.

CLE On-Demand Video $297.00

How does this work?

Recorded Event

Includes full event recording plus handouts.

Strafford is an approved provider and self-study CLE credit is available in most states.

AK, AZ, CA, CO, CT, FL, GA, HI, IA, ID, IL, KY, ME, MN, MO, MT, ND, NJ, NM, NY, OR, PA, TN, TX, UT, VT, WA, WV, WY (Note: Some states restrict CLE eligibility based on the age of a program. Refer to our state CLE Map for additional information.)

Strafford will process CLE credit for one person on each recording.

Additional copies of a recording can be purchased at a discount. Please call Strafford Customer Service toll-free at 1-800-926-7926 ext 10 or email to place your order.

Recorded Webinar Download $297.00

How does this work?

Recorded Audio Download (MP3) $297.00

How does this work?


Strafford webinars offer several options for participation: online viewing of speaker-controlled PowerPoint presentations with audio via computer speakers or via phone; or audio only via telephone (download speaker handouts prior to the program).  Please note that our webinars do not feature videos of the presenters.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

Program Materials

Requires Adobe Reader 8 or later. Download Acrobat FREE.

or call 1-800-926-7926

CLE Credits

Many states grant CLE credits for on-demand streaming audio programs and recorded events. Our programs are pre-approved in many states. Refer to our state CLE map for state-specific information.

or call 1-800-926-7926

Customer Reviews

Great program.

Jennifer Doran

Hinckley, Allen & Snyder

The presentation was perfect - not too technical or legal. Keep up the good work!!

Patricia Embley

I liked the concise and clear presentation of the subject matter.

Arthur Glassman

Moss & Barnett

I thought the content covered in the webinar was very helpful.

Stephanie Hooks


I appreciated the practical advice and seasoned evaluation of the rules.

Kevin Wolf

Ruder Ware

or call 1-800-926-7926

Business Contracts and Franchise Advisory Board

Vincent R. Martorana

Assistant General Counsel


Charles (C. J.) Schoenwetter


Bowman and Brooke

Rochelle Spandorf


Davis Wright Tremaine

Craig Tractenberg


Fox Rothschild

Les Wharton

Chief Legal Officer

Coverall North America

or call 1-800-926-7926

Our Guarantee

Strafford webinars are backed by our 100% Unconditional Money-Back Guarantee: if you are not satisfied with any of our products, simply let us know and get a full refund. For more information regarding complaints and refunds, please contact us at 1-800-926-7926 ext 10. Complaints regarding this program can be submitted via the course evaluation found in the “Thank you” e-mail at the end of the course.