In this session, partners Dan Mummery, Karl Nelson, and Alex Southwell from Gibson, Dunn & Crutcher’s outsourcing practice discuss the privacy and data security issues that may arise in outsourcing transactions and best practices to address these issues. They explore the laws and standards applicable to privacy and data security, identify the contract provisions necessary to protect against the legal, compliance and reputation risks that can be caused by data breaches, and examine the legal and business risks to consider when negotiating data security standards, notice requirements, audits and allocation of costs.
I. Identify privacy and data security issues arising in outsourcing transactions
II. Summarize laws and standards applicable to privacy and data security
III. Discover business risks when negotiating data security standards, notice requirements, audits, and allocation of costs
Dan Mummery is a partner in the Palo Alto office of Gibson, Dunn & Crutcher and is Co-Chair of the firm's Strategic Sourcing and Technology Transactions Group.
Mr. Mummery's practice encompasses a wide range of technology transactions and sourcing matters, with a particular emphasis on complex on-shore and off-shore information technology and business process outsourcing transactions, including outsourcing renegotiations and restructurings, shared services, business transformation, licensing, and contract manufacturing arrangements. Mr. Mummery's ITO experience includes infrastructure, ADM, IT security, end-user computing, help desk, call center and managed network transactions. His BPO experience includes HR, finance and accounting, procurement and supply chain management, claims processing, facilities management, clinical programs, fulfillment and logistics transactions.
Mr. Mummery has worked with a broad range of clients in major sourcing engagements and technology transaction matters, including some of the largest automotive, communications, energy, financial services, healthcare, manufacturing, media, technology and transportation companies in the world, as well as emerging growth companies and private equity and venture capital investors. He has represented such clients as American Express, AT&T, BellSouth, British Telecommunications, Cable & Wireless, Charles Schwab, Chevron, Clorox Company, Continental Airlines, Con-way, DuPont, Gateway, General Motors, KPMG, Levi Strauss & Co., McGraw-Hill, Miller Brewing Company, NetApp, Ryder, Symantec, Tenet Healthcare and United Air Lines.
Mr. Mummery is ranked by Chambers & Partners as one of the very best outsourcing lawyers in the world. Chambers USA Guide (2014) and Chambers Global Guide (2013) have awarded him their highest rankings in the categories of Outsourcing (USA, Band 1), IT & Outsourcing (California, Star Individual) and Outsourcing (Nationwide, Band 1). According to Chambers, Mr. Mummery is “an absolutely incredible outsourcing lawyer”, with a "wonderful negotiating style" who “fiercely protects client interests and provides high-value, strategic business and legal advice.”
Mr. Mummery is also included in Practical Law Company'sCross-border Outsourcing Handbook (2011-2012), The Best Lawyers in America 2013, The Lawdragon 500 (New Stars, New Worlds), Global Counsel 3000 and Mondaq Business Briefing, Survey of Leading E-Commerce Lawyers and is a member of the Advisory Board of Global E-Commerce Law and Business Report. He has been recognized as a "Leading Lawyer" in the Legal 500 US (Media, Technology & Telecoms, Technology – Outsourcing) for his outstanding outsourcing and technology transactions practice for many years.
Mr. Mummery's work in structuring, negotiating and implementing outsourcing transactions has been featured inThe Recorder, The Daily Deal and Business Finance. He is a frequent lecturer on outsourcing topics including, most recently, at ITO, BPO and offshoring programs organized byBusinessWeek, Gartner, Sourcing Interests Group and The Conference Board.
Mr. Mummery received his J.D. from Fordham University School of Law in 1988, where he served as editor-in-chief of the Fordham Urban Law Journal, and his A.B. from Bowdoin College in 1981. He is admitted to practice law in California and New York.
Karl Nelson is a partner in Gibson, Dunn & Crutcher's Dallas office and a member of the firm's Labor and Employment, Employee Benefits, Executive Compensation, and Class Action Litigation Practice Groups. He is also a founding member of the firm's Information Technology and Data Privacy Practice Group.
Recognized as one of The Best Lawyers in America® for Labor & Employment Litigation (2012-2015), Mr. Nelson counsels and represents clients in all aspects of federal and state employment regulation, labor relations, and compensation and benefits law. He has extensive experience defending complex labor and benefit matters, including class and collective actions under Title VII of the Civil Rights Act, the Employee Retirement Income Security Act, the Worker Adjustment and Retraining Notification Act, the Age Discrimination in Employment Act, and the Texas Commission on Human Rights Act. He has successfully defended clients against claims of age, race, disability and gender discrimination, sexual harassment, "whistle-blower" retaliation, and wrongful discharge under state common law, and he regularly advises and represents clients in connection with trade secret, competition, and employee-raiding issues.
Mr. Nelson also has extensive experience representing clients before federal and state administrative agencies. He has successfully represented employers before the Department of Labor in complex wage and hour and pension benefits investigations and in Sarbanes-Oxley whistleblower retaliation cases, as well as before the EEOC in connection with charges of individual and class-wide discrimination. Mr. Nelson also frequently assists clients in conducting internal investigations of high-risk and high-profile matters such as those involving potential misconduct by senior executives and corporate officers and allegations of whistle-blowing under the Sarbanes-Oxley Act and similar laws. Given the sensitive and high-profile nature of the matters he regularly handles, Mr. Nelson frequently works closely with in-house and outside resources to coordinate legal, investor relations, and media strategies and messaging.
Representative areas in which Mr. Nelson practices include:
Mr. Nelson regularly writes and speaks on employment, benefits, litigation, and data security topics. He has served as an adjunct instructor in Human Resource Law and co-authored a software package for human resource professionals. He is an active member of the American Bar Association's Section of Labor and Employment Law and the American Employment Law Council. Mr. Nelson is a member of the State Bar of Texas and is admitted to practice before the Supreme Court of the United States, the First, Fifth, and Ninth Circuit Courts of Appeals and numerous federal district courts.
Mr. Nelson received his law degree from Duke University School of Law in 1991, graduating with high honors, and his B.B.A. in economics and business administration from the University of Wisconsin - Eau Claire, graduating summa cum laude from the University Honors Program.
Alexander H. Southwell is a partner in Gibson, Dunn & Crutcher’s New York office. His practice focuses in two main areas: first, white-collar criminal and regulatory enforcement defense, internal investigations, compliance monitoring, and complex civil litigation; and, second, information technology and data privacy-related investigations, counseling, and litigation. Mr. Southwell is a Co-Chair of Gibson Dunn’s Information Technology and Data Privacy Practice Group and is also a member of the White Collar Defense and Investigations, Crisis Management, Securities Enforcement, and Litigation Practice Groups. Prior to joining Gibson Dunn, Mr. Southwell served as an Assistant United States Attorney in the United States Attorney’s Office for the Southern District of New York.
Mr. Southwell is an experienced trial and appellate attorney and regularly represents corporate executives and individuals in connection with white-collar criminal investigations and prosecutions by federal and state prosecutors as well as related civil investigations by a wide range of regulators. Mr. Southwell also regularly represents companies and boards in these types of matters and has significant experience in conducting internal corporate investigations and compliance monitoring. Substantively, his areas of expertise include securities and accounting fraud, economic sanctions violations, money laundering and Bank Secrecy Act violations, tax fraud, the False Claims Act and contracting fraud, health care fraud and compliance, the Computer Fraud and Abuse Act, the Foreign Corrupt Practices Act, the Economic Espionage Act, and public corruption, among others. Additionally, Mr. Southwell counsels a variety of clients on privacy, information technology, data breach, theft of trade secrets and intellectual property, computer fraud, national security, and network and data security issues, including handling investigations, enforcement defense, and litigation.
Mr. Southwell is honored in the 2014 editions of Benchmark Litigation as a future star and The Best Lawyers in America as a leading lawyer in the area of Criminal Defense: White-Collar.
Mr. Southwell is also an Adjunct Professor of Law at Fordham University School of Law where he teaches a seminar on cyber-crimes, covering computer misuse crimes, intellectual property offenses, the Fourth Amendment in cyber-space, computer evidence at trial, data breach and privacy issues, and information security, among other areas.
Mr. Southwell earned his undergraduate degree, magna cum laude, from Princeton University and his Juris Doctor, magna cum laude, from New York University School of Law. Following law school, Mr. Southwell was a Law Clerk for the Honorable Naomi Reice Buchwald of the United States District Court for the Southern District of New York.
Mr. Southwell also serves on the Firmwide Diversity Committee and is active with the Federal Bar Council and the Association of the Bar of the City of New York, previously serving on the Association’s Professional Responsibility Committee, the Committee on Information Technology Law and the Government Ethics Committee.
Recent significant engagements include:
Great series... would be good to include a tax considerations module in this series... huge planning opportunities.
The US is fast becoming an outlier for data protection, privacy, and cybersecurity. This presents huge challenges for American companies with an eye to expand internationally. Their "American" privacy programs do not fit the global perspective.
Good basis for further study or self-study on this very important subject.
This has become more and more relevant as time has passed- in our current political climate, it is downright scary!
very interesting and informative
This program is a must see for all attorneys, solo or large firm.
last segment was practical and useful.
Timely information and approaches. Thank you!
Solid presentation-very relevant for me.
Unlimited CLE Subscription gives you access to take almost any course from our catalog and earn as much CLE credit as you need.