Vendor Agreements - Understanding and Managing Privacy and Security Risks

Vendor Agreements - Understanding and Managing Privacy and Security Risks

Vendors that support critical functions present one of the most challenging security risks that businesses face. Businesses increasingly rely on a wide range of vendors for support related to all aspects of their operations, including human resources, payroll, recruiting, procurement/supply chain, manufacturing, finance and accounting, legal support, cloud services, information technology, email, document storage and management, marketing and security.

When engaging vendors, companies share access to their customer data, employee data, intellectual property, communications, and financial data. In many instances, vendors will have network access. It has been estimated that a typical Fortune 500 company may use more than 100,000 external third parties, including vendors, suppliers and outsourcers. And vendors often have their own subcontractors, further adding to the chain. All of these factors create risk.

Vendors also create legal obligations. In some cases, laws require businesses to include specific provisions in their vendor agreements.

Please join us for a presentation on what should be in your vendor agreements to manage these risks and comply with the law.

David Rice is a partner with Miller Nash Graham & Dunn LLP who advises a wide range of clients on data security, data privacy and IT/Cloud Infrastructure issues. He assists clients with legal compliance, GDPR, data incident response, data security audits, privacy by design, employee training, simulated data incident exercises, and managing vendor contracting involving data security issues. David also negotiates a wide range of technology contracts, including agreements involving data centers, colocation, networking, SaaS, content delivery networks, dark fiber, IP transit, complex server systems, wireless networks, equipment leases, device trials, and spectrum leases. He has worked on transactions in 35 different countries in North America, South America, Africa, Europe, and Asia. David is CIPP-US certified by the International Association of Privacy Professionals.

When: Wednesday, March 27, 2019 12:00 – 1:00 pm

Where: Kell’s Irish Restaurant & Pub, 112 SW 2nd Ave., Portland, OR 97204 (503) 227-4057

$22 for Technology Law members;
$27 for other bar members and non-lawyers;
$18 for students.
This cost includes lunch.
MCLE Credit: The Technology Law Section will apply for one (1) general CLE credit

Your bar registration number with the Oregon Bar.