Related Posts
I don’t trust cheese that doesn’t melt
Additional Posts in Privacy Law
New to Fishbowl?
Download the Fishbowl app to
unlock all discussions on Fishbowl.
unlock all discussions on Fishbowl.
I don’t trust cheese that doesn’t melt
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Download the Fishbowl app to unlock all discussions on Fishbowl.
Copy and paste embed code on your site

Scan your QR code to download
Fishbowl app on your mobile

First understand what your own insurance covers.
Then understand what their insurance covers.
Then negotiate.
This is included in the vast majority of DPAs I have negotiated with vendors, but its usually subject to any negotiated privacy cap.
I’m sure it happens but I would laugh anybody who attempts such of a clause out of the building
I work in the health care field. Very common to see indemnification provisions for breach notifications costs related to HIPAA breaches. The breach costs are not logically associated with the cost of the services, so there are usually caps based on breach response cost per record and records accessed in the performance of services. We often require insurance policies in the $5M-$10M range if there will be extensive access.