Riker Danzig Co-Chairman Brian O’Donnell and partners Michael O’Mullan and Maura Smith were quoted in the May 7, 2018 issue of NJBIZ in an article entitled “Vendor Vexation.” They provided guidance relating to cyber liability arising from third-party vendors and data breaches, as well as the importance of cyber liability insurance policies. Brian said, “… businesses may be liable for a data breach caused by a third-party provider. Each state has its own laws for a data breach, and there are also federal regulations if medical records are involved.” Maura noted, “The business could potentially be sued for failing to adequately protect the information, or for failing to notify individuals and taking appropriate action, and for failing to follow its own policies.” The article also notes how a security audit of a vendor may be helpful. Mike adds, “Many downstream providers will agree to a security audit that can range from a simple review of the provider’s policies and procedures all the way to elaborate penetration tests.”
Click here for the full article.