Privacy and Data Protection – Information Technology

Overview

We focus our work for the IT industry on technology transactions, in addition to our usual comprehensive range of privacy and data protection services. We handle vendor contracts, mergers and acquisitions, and agreements involving the ownership, usage, transfer, and sharing of data, as well as a significant number of cloud computing deals for enterprise purchasers and cloud service providers. Our clients include: Web, software, and app developers; social game publishers; companies involved in the cloud, SaaS, platform usage, data analytics, network security solutions, advertising technologies and payment processing: and companies involved in Website, mobile app, and video game development.

Select Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
More »

Experience

  • Conducting due diligence and negotiating more than 150 cloud computing transactions on behalf of both cloud service providers and enterprise purchasers, including Software as Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).
  • Developing contract programs for technology service providers, including their master services agreement as well as a framework for negotiating revisions with their customers.
  • Providing guidelines to clients in assessing cloud computing risks, including indemnification and limits of liability.
  • Developing and assessing Service Level Agreements (SLAs) in various settings, addressing issues such as business interruption and customer service.
  • Facilitating the development and implementation of best practices to protect clients’ interests when purchasing and using cloud computing services.
  • Analyzing internal information governance requirements to mitigate cloud computing risks.
  • Developing internal and public-facing policies for responding to government access requests (pursuant to the Electronic Communication Privacy Act and other applicable laws) and addressing consumer privacy concerns in connection with the same.
  • Assessing and advising on international data transfers in the cloud and beyond under the European Data Protection Directive and other non-U.S. laws.
  • Advising technology service organizations on the development of predictive analytics technologies to provide fraud prevention and detection and digital marketing services consistent with applicable laws, FTC guidance, and best practices.
  • Advising traditional brick-and-mortar companies on the development of big data services in the business-to-consumer and business-to-business context based on the aggregation of consumer data.

Recognition

  • Chambers USA: Nationwide Privacy & Data Security (2013 to 2018)
    • Chambers USA Privacy and Data Security- Healthcare Spotlight Table (2018)
  • Recognized as one of the top law firms for client service, BakerHostetler was named to the 2019 BTI Client Service 30 for the fifth consecutive year.

Publications

Key Contacts

Blog

In The Blogs

Previous Next
Data Privacy Monitor
Best Cybersecurity Practices for Healthcare Organizations – Ransomware Prevention
By Kathryn Carey, Aleksandra Vold
February 8, 2019
This article is part of a series of blog posts exploring the recommendations and guidance Health & Human Services (HHS) provides to healthcare organizations in its “Cybersecurity Best Practices” report. For previous articles in the series...
Read More ->
Data Privacy Monitor
Insurance Data Security Model Law Picks Up Steam
By Andreas T. Kaltsounis, Shea M. Leitch
February 6, 2019
Three states recently enacted variations of the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Model Law (MDL-668), based on the landmark cybersecurity requirements issued by the New York Department of...
Read More ->
Data Privacy Monitor
What Can We Learn From the Healthcare Data Breach ‘Wall of Shame'?
By Eric A. Packel
February 4, 2019
In addition to dealing with the public outcry and regulatory scrutiny resulting from a healthcare data breach, covered entities under the Health Insurance Portability and Accountability Act (or their business associates) are required to...
Read More ->
Data Privacy Monitor
Washington State Proposes Sweeping Privacy Legislation
By Andreas T. Kaltsounis, Shea M. Leitch
February 4, 2019
On Jan. 17, 2019, a new privacy law was proposed in the Washington state Senate. If passed, the Washington Privacy Act would impose far-reaching responsibilities on companies to protect the privacy of “personal data.” Lifting many...
Read More ->
Data Privacy Monitor
The Use of Smart Speakers in the Healthcare Industry
February 1, 2019
Smart speakers are voice-activated, internet-connected devices with an integrated virtual assistant that can answer questions, follow instructions and control other smart devices. Nearly one in five U.S. adults has access to a smart...
Read More ->