We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byEmma Rhea
Modified about 1 year ago
©2008 Perkins Coie LLP Game Industry Roundtable Privacy Developments for the Game Industry Thomas C. Bell September 24, 2008
©2008 Perkins Coie LLP Since January 2005 over 218 million data records of U.S. residents have been exposed due to security breaches. Source: Privacy Rights Clearinghouse,
©2008 Perkins Coie LLP What are the Costs? Ponemon Institute's 2007 Annual Study: U.S. Cost of a Data Breach pgp.com/downloads/research_reports/index.html
©2008 Perkins Coie LLP Privacy Framework
©2008 Perkins Coie LLP Preparation Breach response plan Contract strategies
©2008 Perkins Coie LLP Minimum Contract Strategies: For third party sources of risk: data hosts, processors, advertisers, marketing partners, storage companies, etc. Define and deal with "personal information" Due diligence Past audits Past breaches Ongoing audits
©2008 Perkins Coie LLP Minimum Contract Strategies Notice Vendor shall immediately notify Retailer of any actual, probable or reasonably suspected breach of security of the Vendor Systems and of any other actual, probable or reasonably suspected unauthorized access to or acquisition, use, loss, destruction, compromise or disclosure of any Confidential Information of Retailer, including without limitation any Personal Information (each, a "Security Breach").
©2008 Perkins Coie LLP Cooperation In any notification to Retailer required under this Addendum, Vendor shall designate a single individual employed by Vendor who must be available to Retailer 24-hours per day, 7-days per week as a contact regarding Vendor's obligations under this Addendum. Vendor shall (a) assist Retailer in investigating, remedying and taking any other action Retailer deems necessary regarding any Security Breach and any dispute, inquiry or claim that concerns the Security Breach; and (b) shall provide Retailer with assurance satisfactory to Retailer that such Security Breach or potential Security Breach will not recur. Unless prohibited by an applicable statute or court order, Vendor shall also notify Retailer of any third- party legal process relating to any Security Breach, including, but not limited to, any legal process initiated by any governmental entity (foreign or domestic). Minimum Contract Strategies
©2008 Perkins Coie LLP Standard of Care Vendor is fully responsible for any authorized or unauthorized collection, storage, disclosure and use of, and access to, Personal Information. Vendor shall implement and maintain administrative, physical and technical safeguards ("Safeguards") that prevent any collection, use or disclosure of, or access to, Personal Information that this Agreement does not expressly authorize, including, without limitation, an information security program that meets the highest standards of best industry practice to safeguard Personal Information. Minimum Contract Strategies
©2008 Perkins Coie LLP Indemnity Vendor will defend and indemnify Retailer, its parent, subsidiaries and affiliates, and each of their respective officers, shareholders, directors and employees from and against any third party claims, losses, liabilities and expenses (including, without limitation, reasonable attorneys' fees and expenses) that relate to any failure to comply with any obligation enumerated in this (1) Agreement relating to Personal Information, or (2) this Addendum. Which costs are covered? Minimum Contract Strategies
©2008 Perkins Coie LLP Limitation on Liability Vendors typically seek to exclude indirect and consequential damages. These damages are, however, precisely the type of damages that Retailer might incur from the disclosure, theft or destruction of data. Therefore, seek to carve out (i) all damages arising from breaches of this Addendum and (ii) all indemnification obligations (or, if absolutely cannot get (ii), all indemnification obligations arising out of breaches of confidentiality or security provisions--i.e., all breaches of this Addendum). Similarly, carve out (i) all damages arising from breaches of this Addendum and (ii) all indemnification obligations (or, if absolutely cannot get (ii), all indemnification obligations arising out of breaches of confidentiality or security provisions—i.e., all breaches of this Addendum) from the overall cap on damages. Minimum Contract Strategies
©2008 Perkins Coie LLP New Developments "Rebate" cards Loyalty programs eCommerce partners: Whose customer is it?
©2008 Perkins Coie LLP Questions? Tom Bell
Application Service Providers and Outsourcing: Protect Your Assets Theresa Rowe Oakland University Copyright Theresa Rowe This work is the intellectual.
HITECH ACT Privacy & Security Requirements Cathleen Casagrande Privacy Officer July 23, 2009.
Information Privacy and Data Protection Lexpert Seminar David YoungDecember 9, 2013 Breach Prevention – Due Diligence and Risk Reduction.
Red Flag Rules WELCOME Iowa State University Identity Theft Prevention Program.
1 HIPAA Privacy Basics Presented by: Michele A. Masucci Harvey Z. Werblowsky McDermott, Will & Emery October 30, 2002.
Jeffrey M. Tonks YCPARMIA RISK TRANSFER SEMINAR YCPARMIA TRAINING 2006 Learn more about us at:
HOW TO RESPOND TO A DATA BREACH: ITS NOT JUST ABOUT HIPAA ANYMORE The Fourteenth National HIPAA Summit March 29, 2007 Renee H. Martin, JD, RN, MSN Tsoules,
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner.
Your source for professional liability education and networking. Press to Bankrupt Your Company Cyber Liability for Small and Medium Business.
RMC 2010 Chicago Telcom Insurance Group Get Blown Away by Our Educational Programs Presented by: Peter J. Elliott, CPCU President and CEO Insurance Topics.
Americas Voice for Community Health Care The NACHC Mission To promote the provision of high quality, comprehensive and affordable health care that is.
Information Law/ Data Protection Briefing 2007 Keith G Fraser University Records Manager.
Cyber Liability What School Districts Need to Know.
Data Security Breach Code of Practice. Data Security Concerns Exponential growth in personal data holdings Increased outsourcing 3 rd countries cloud.
Hot Topics in Privacy & Security Law Presented by Robert J. Scott Managing Partner Scott & Scott, LLP
Getting Legal: Building the ISO/Legal Counsel Relationship through GLB Dr. Dan Manson Cal Poly Pomona
FIVE EASY STEPS FOR HANDLING NEW HIPAA REQUIREMENTS & MANAGING YOUR ELECTRONIC COMMUNICATIONS James J. Eischen, Jr., Esq. October 2013 Chicago, Illinois.
Boston Springfield Albany Enter Presentation Title Here Presenter Name © 2009 Wolf & Company, P.C. Presentation date Location 1 Boston Springfield Albany.
Underwriting Coverage & Analysis Session Presented by: Peter J. Elliott, CPCU, President & CEO Telcom Insurance Group Owned by Those we Serve
A GIA is a contract between a surety company and a contractor (or subcontractor)/principal. A GIA is a standard, typical document in the construction.
Copyright 2001 Brett J. Trout Security Concerns with e-Commerce Bretttrout.com.
HIPAA Privacy: Implementing Privacy for Government Health Plans Roberta M. Ward Senior Counsel, Privacy Officer California Department of Health Services.
© Husch Blackwell LLP HIPAA IN THE WORKPLACE September 27, 2013 Deborah C. Hiser Julianne P. Story.
Using Your Captive In Your D&O Insurance Program IBCs 9 th Annual Executive Forum On Captives Boston October 22-24, 2003 By Michael A. Rossi Insurance.
Navigating the Interface Between the HIPAA Privacy and Security Rules Presented by: McDermott, Will & Emery Michael L. Blau, Esq Marilyn Lamar, Esq. 28.
IP Audit "We're in an object-oriented, outsourced, and open-sourced world, and organizations are anxious to take steps to ensure that the software they.
The Department has declared itself to be a single covered entity. Thus, each and every one of our divisions is a covered entity and must comply with.
Copyright Davis Wright Tremaine LLP - Jan Working with the HIPAA Privacy Manual and Forms --- HIPAA Summit West II Clark Stanton & Tom Jeffry Davis.
Breach vs. Incident – a Guided Discussion Sharon Blanton, PhD Craig Schiller, CISSP-ISSMP, ISSAP Chief Information Officer Chief Information Security Officer.
© 2016 SlidePlayer.com Inc. All rights reserved.