Compliance Perspectives: Compliance’s Role in Vendor Contracts
Day 17 of One Month to More Effective Compliance for Business Ventures- Corporate Controller and Business Ventures
What are key legal strategies for managing risk in the fast-evolving world of data center development? In this informative webinar, you'll learn principles of risk allocation, the influence of emerging technologies, common...more
In the wake of the DOJ’s pending antitrust lawsuits, CRE companies should include several protections in their vendor agreements that involve the use of revenue management software. This article provides tips to mitigate...more
Investment advisers and others involved in the implementation of the new IA AML mandate have been alert to potential ramifications to the rule due to the upcoming change in administration. Upon review, K2 Integrity and...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
Government entities are subject to strict regulation and reporting requirements when contracting with vendors. Florida statutes often require affidavits from vendors as a condition precedent to contracting with government...more
On July 11, 2024, the New York Department of Financial Services (“NYDFS”) released Insurance Circular Letter No. 7, which establishes guidelines on the use of artificial intelligence systems (“AIS”) and external consumer data...more
Since the release of OpenAI’s ChatGPT, the intense hype around large language models (LLMs) and complex AI systems has exploded. Organizations have rushed to both try and buy these new tools. Along with it, a flood of...more
A decision of the High Court of the United Kingdom earlier this year is an important reminder that the limitation of liability clause remains a crucial piece of any high value or complex contractual arrangement. The...more
On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) adopted final rules relating to enhanced cybersecurity disclosures, which became effective on September 5, 2023 (the “Final Rules”). Beginning in December...more
Cooley’s AI Talks series highlights multidisciplinary perspectives on artificial intelligence and showcases the firm’s subject matter knowledge on the intricacies – and complexities – of large language models, machine...more
For employers, complying with the California Consumer Privacy Act (CCPA) can be quite burdensome. So if you can identify a simple way to reduce your obligations under this law, you should typically jump at the opportunity....more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you if its product is compromised and results in a data...more
CEP Magazine – April 2022 - As the entire industry is facing the shift to a more formalized reporting system for environmental, social, and governance (ESG) programs, the most important components of the programs can no...more
As the BakerHostetler Digital Risk Advisory and Cybersecurity team wraps up the 2022 edition of annual Data Security Incident Response (DSIR) Report, we take one last look at the findings in the 2021 edition of the report to...more
Customers engaging a software as a service (SaaS) vendor often end up using the vendor’s form agreement, which can range from being extremely vendor friendly to middle of the road. Regardless of where it falls on the...more
Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of...more
With incredible speed, Virginia became the second state in the United States with a comprehensive data privacy law. Virginia’s law is called the Consumer Data Protection Act (CDPA). The CDPA is effective January 1, 2023,...more
Among many other things, 2020 has been the year of vendor security incidents and data breaches. More than ever, we have responded to incidents for clients that were caused not by the client, but by a third-party vendor....more
In July 2020, the Pennsylvania Supreme Court agreed to tackle the thorny question of whether Amazon can be held liable for defective products sold by third parties on its website. The Third Circuit offered up the case in June...more
Last week the Third Circuit made its most recent move in the Oberdorf v. Amazon case: asking the Pennsylvania Supreme Court whether an e-commerce business – such as Amazon – is strictly liable for a defective product that was...more
COVID-19 spurred an overnight surge in demand for work-from-home vendors. These include companies offering audio and videoconferencing services, cloud services, e-commerce platforms, and virtual desktop infrastructure, to...more
In cloud services, whether it is infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS), service availability is often a significant customer concern because the customer is relying...more
In light of the threats posed by natural disasters, pandemics and civil disorder, among other events, businesses of all types must formulate responses to address significant business disruptions (“SBDs”) and the safety of...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more