Security Incident Mitigation Strategy: Effective Negotiation of Technology Contract Limitations of Liability
If technology vendors will have access to the personal information of their customers’ end users (regardless of whether the end users are employees or customers), treatment on caps on liability take on heightened importance, points out Janine Anthony Bowen in a post on the Data Privacy Monitor blog of BakerHostetler.
“Vendors have become increasingly reluctant to provide unlimited liability to protect customers against harms caused by security incidents, going to great lengths to narrowly tailor the situations under which the vendors will bear risk,” she writes.
She cites the 2019 Data Security Incident Report for guidance on decision-making regarding acceptable financial risk allocation.