Data Ownership, Liability, and Cost Traps

Produced by Steve Nathans-Kelly

What are the liability and cost traps you need to watch out for when contracting for data ownership? Adler Law Group president and founder David Adler discussed these key legal considerations in his presentation at Data Summit 2023.

Liability and cost traps fall into three areas including laws, rules, and regulations; IT integrations; and third parties, Adler explained.

“If you’re used to GDPR, you’re already thinking about some of these terms,” Adler said.

In the U.S. there is regulatory oversight in the form of the FTC, there is other oversight in the financial industry with the FDIC, and in the healthcare industry with HIPAA. Additionally, there are several states that enact their own privacy laws.

“This is totally new, and it needs to be in your contracts because these state laws require that your contracts address data sovereignty, data privacy, and data security,” Adler said.

There are several questions to consider when forming contracts with customers or vendors in these areas. These questions include:

  • What governing law does the contract have?
  • How does that state's data privacy laws impact what you are doing in your relationship?
  • Are you dealing with personally identifiable information? Is this healthcare information?
  • Is this information or data that requires a heightened level of security?

Third parties involved include HR people that handle data from various employees, multiple vendors, and more that handle potential customer data.

“That is a very large risk in terms of being able to understand what they can do with that, what the liability for you in terms of sharing that information,” Adler said.

Save the Date for Data Summit 2024—May 8-9, 2024—Hyatt Regency|Boston, MA!