Blog
BFV Perspectives, Corporate Matters, | Mar 19, 2015

Data Security Contract Clauses and Cyber Insurance

Any company that uses a service provider should strongly consider including data security protections in the service agreement if the service provider has access to the personal information about the company’s employees or customers, such as social security numbers, etc.  A company’s failure to insist upon data security protections could expose the company to significant liability. At a minimum, the company’s agreement with the service provider should require the service provider to: (i) meet the industry standard of care related to protecting the personal information, (ii) maintain minimum security safeguards, and (iii) have a notice and incident response plan in the event of a breach. Even with adequate protections in place, companies should consider purchasing cyber insurance. Cyber insurance policies differ dramatically in terms of what  they  cover,  what  they  exclude,  and  the  amount  of retentions.  Strongly consider having your policy reviewed by someone with knowledge in the area.

BFV Perspectives, Corporate Matters, | Mar 19, 2015
Jeffrey N. Berman
Jeffrey N. Berman

I have practiced law in Atlanta for more than 30 years and I genuinely enjoy being a lawyer. I am privileged to work with clients who are creating and growing innovative companies.