assessment, audit, Breach, breach notice, Cloud, cloud computing, Computing, contracting, contracts, Contracts Breach, forensics, incident, incident response, liability, notice, privacy, provider, Regulation, response, schedule, Security, security assessment, security breach, security schedule, service, service provider, service provider liability
What's in Google's SaaS Contract with the City of Los Angeles? Part Three.
By InfoLawGroup LLP on June 23, 2010
This blogpost is the third (and final) in our series analyzing the terms of Google's and Computer Science Corporation's ("CSC") cloud contracts with the City of Los Angeles. In Part One, we looked at the information security, privacy and confidentiality obligations Google and CSC agreed to. In Part Two, the focus was on terms related to compliance with privacy and security laws, audit and enforcement of security obligations, incident response, and geographic processing limitations, and termination rights under the contracts. In Part Three, we analyze what might be the most important data security/privacy-related terms of a Cloud contract (or any contract for that matter), the risk of loss terms. This is a very long post looking at very complex and interrelated contract terms. If you have any questions feel free to email me at dnavetta@infolawgroup.com
audit, Breach, breach notice, Cloud, contracting, contracts, forensics, incident response, privacy, Regulation, Security, security assessment, security breach, security schedule, service provider, service provider liability
What's in Google's SaaS Contract with the City of Los Angeles? Part Two.
By InfoLawGroup LLP on June 03, 2010
Alberta, Breach, Breach notice notification Canada Alberta, Canada, notice, notification, service provider
FAQ on Alberta's New Breach Notice Law
By InfoLawGroup LLP on May 21, 2010
compliance, ISO 27001/2, legal defensibility, privacy notice, reasonable, risk, risk assessment, Security, security measures, security program, service provider, standards
The Legal Defensibility Era is Upon Us
By InfoLawGroup LLP on May 04, 2010
contracting, contracts, indemnification, reasonable, reasonable security, Security, security measures, security schedule, service provider
Developing an Information Security and Privacy Schedule for Service Provider Transactions (Part Two)
By InfoLawGroup LLP on February 18, 2010
contracting, contracts, indemnification, reasonable, reasonable security, Security, security measures, security schedule, service provider
Developing an Information Security and Privacy Schedule for Service Provider Transactions
By InfoLawGroup LLP on February 15, 2010
litigation, payment, payment card, PCI DSS, PCI DSS Radiant Systems, Radiant, Savvis, security breach litigation, security breach litigation service provider, service provider, Systems
The Merchants Strike Back?
By InfoLawGroup LLP on December 03, 2009
information security law, information security law legislation, Legislation, Massachusetts, Massachusetts personally identifiable information service provider, personally identifiable information, service provider
Massachusetts' Revised Personal Information Security Regulation (201 CMR 17.00)
By InfoLawGroup LLP on October 03, 2009
Massachusetts' Office of Consumer Affairs & Business Regulation (OCABR) recently released a revised version of its "Standards for the Protection of Personal Information of Residents of the Commonwealth" (the "Regulation"). This August 2009 version modifies the February 2009 version of the Regulation. The press release for the new revision is here, and the FAQs released by OCABR appear updated to address some of the changes in the regulations.For ease of reference, ISC has taken the time to create a REDLINED VERSION showing the revisions in the new Regulation. The redlines indicate changes between the February 2009 version and the August 2009 version of the Regulation. Also included below is a summary of some of the more significant changes.
Breach, contracting, e-Discovery, Electronic evidence, EU Directive, IaaS, outsourcing, PaaS, privacy, SaaS, Security, service provider
Legal Implications of Cloud Computing -- Part One (the Basics and Framing the Issues)
By InfoLawGroup LLP on August 16, 2009
I had the pleasure of hearing an excellent presentation by Tanya Forsheit on the legal issues arising out of cloud computing during the ABA Information Security Committee's recent meeting (at the end of July) in Chicago. The presentation resulted in a spirited debate between several attorneys in the crowd. The conversation spilled over into happy hour and became even more interesting. The end result: my previous misunderstanding of cloud computing as "just outsourcing" was corrected, and now I have a better appreciation of what "the cloud" is and the legal issues cloud computing raises.
