• |

Nov. 6, 2019

Updating Vendor Agreements to Comply With CCPA: Service-Provider Exemption and Corporate Approaches

  • Jill Abitbol
    Cybersecurity Law Report
Given the steep fines and risk to reputation that can come with failure to comply with the soon-to be-implemented CCPA, covered businesses must carefully review their existing agreements with third-party service providers. In this article, we provide an explanation of the CCPA’s new definitions, exclusions and implications for vendor contracting; how they will impact companies’ decisions; and practical strategies for updating vendor management programs, as presented by privacy lawyers from Credit Karma, Autodesk and Hogan Lovells during their presentation at the IAPP Privacy. Security. Risk. 2019 conference. A subsequent article will provide guidelines for specific contract language and will cover non-service provider exclusions and provisions. See also “Third-Party Data Breaches Highlight the Importance of Vetting Vendors in Compliance With GDPR and CCPA” (Aug. 21, 2019).

To read the full article

Continue reading your article with a CSLR subscription.

Most-Read Articles

Spotlight on Trailblazing Women

To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.

We Celebrate Data Privacy Day 2024

Read the full brief here.