Technology and IT Contracts


With our incident response experience and regulatory knowledge, we are adept at handling technology transactions, including developing agreements and agreement provisions regarding:

  • PCI DSS and PHI
  • Data ownership
  • Data usage
  • Data transfer and sharing
  • Data protection and incident response
  • Compliance with law, company policies, and best practices
  • Data-related representations, warranties, indemnities, liability limitations, and insurance requirements
  • Service level agreements

We handle agreements involving all forms of cloud service (SaaS, IaaS, PaaS), video game development, mobile apps, music distribution, geo-location, payment processing, fraud prevention, data analytics, and digital advertising.
Our transactional experience encompasses a significant amount of work involving cloud computing deals. We negotiate and advise on due diligence and best practices in cloud transactions. For both enterprise purchasers and cloud service providers, we address issues of liability and indemnification provisions regarding potential data security incidents involving the provider, and its employees and subcontractors, as well as responsibility for cyber insurance coverage.


  • Recognized as one of the top law firms for client service, BakerHostetler was named to the 2019 BTI Client Service 30 for the fifth consecutive year.




In The Blogs

Previous Next
Data Privacy Monitor
Deeper Dive: The Landscape of Healthcare Data Breaches
April 24, 2019
Healthcare was the industry most affected by data breaches in 2018. We worked on nearly 200 healthcare matters involving multispecialty academic medical centers, hospital systems, small and large physician practices, small and large health...
Data Privacy Monitor
SEC Updates Data Privacy and Cybersecurity Guidance for Registered Firms
April 22, 2019
On April 16, 2019, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a risk alert, “Investment Adviser and Broker-Dealer Compliance Issues Relating to Regulation S-P –...
Data Privacy Monitor
Deeper Dive: Choose the Right Forensics Firm for the Job
By William R. Daugherty, Eric A. Packel
April 17, 2019
Forensics are a key component of many data incident investigations. The importance of forensics cannot be overstated. In fact, in 2018, 65% of the incidents we handled involved some type of forensic investigation. Forensics firms can not...
Data Privacy Monitor
In BIPA's Wake, a Wave of New Biometric Privacy Proposals
By Robyn M. Feldstein, Melinda L. McLellan
April 15, 2019
Over the past year, a host of new national, state and local laws have been introduced to regulate the collection and use of biometric information. Although these proposals vary in their requirements, certain elements appear to be inspired...
Data Privacy Monitor
Deeper Dive: The Scourge of O365 Incidents
April 11, 2019
A Growing Menace 2018 saw a continuation of companies moving toward cloud-based email systems. Phishing incidents targeting those systems followed suit. Fully one-third of incidents addressed by our incident response team in 2018 involved...