Colorado’s community of in-house attorneys convened in downtown Denver last week, commencing a new year that promises as many corporate risk management challenges as the one before.
The Colorado Chapter of the Association of Corporate Counsel held its Annual Meeting Thursday night at Union Station. In the Crawford Hotel meeting rooms couched in the historic building’s lower level, ACC members took in a data security-focused CLE and a networking reception, as well as a chance to meet this year’s chapter leaders.
ACC President Linda Ramirez-Eaves, in-house counsel at Boulder-based biotech firm SomaLogic, said this year will be pivotal for corporate attorneys due to the social climate.
“We are truly bearing witness to an incredible emergence in activism,” Ramirez-Eaves said in a speech, referencing movements like the #MeToo moment. “It’s a groundswell unlike one that I’ve ever witnessed personally.”
Those movements were relevant to in-house counsel because they made their roles as risk managers more necessary to their organizations than ever, Ramirez-Eaves said, as corporations “are clamoring to get their houses in order before they’re on the front page of the newspaper.” And those organizations continue to face growing cybersecurity threats as well. “Each of these events requires in-house counsel to have a seat at the table.”
Ramirez-Eaves said that last year the Colorado chapter put on more than 50 CLE and networking events geared toward its 700-plus members. Its goal is to increase that membership to 850, she added. She also introduced the chapter’s leadership and board members for 2018, as well as the event’s private firm sponsors: Fisher Phillips, Kilpatrick Townsend & Stockton, Lewis Roca Rothgerber, Merchant & Gould and Shook Hardy & Bacon.
Corporation Services Company, a Delaware-based registered agent services provider, presented the evening’s CLE, which discussed the ins and outs of contracting with cloud and SaaS service providers. SaaS, or Software and as a Service, is a model where the software is hosted off-site by a third party and licensed out to companies and users on a subscription basis. CSC representatives offered their risk management advice to attendees from their perspective as a SaaS provider.
Legal departments play an important role in choosing the service provider to host their company’s data, said Helena Ledic, CSC associate general counsel and director of client relations. But first in-house attorneys need to get a handle on what kind of data their organizations have across their many units, which could include trade secrets, or the “treasure trove” of information that marketing departments might have, Ledic said. Then organizations have to know which data is appropriate to store on the cloud, despite what the enterprise might want.
“It’s not quite as simple as necessarily saying, ‘We’re going to move everything to the cloud, or ‘Everything’s going to be SaaS,’” Ledic said. “There are certain things you want to keep in-house. There are certain things that you want to send out. And it’s determining what that data is.”
CSC information security expert Bryan Reed walked attendees through IT concepts that in-house counsel need to know in order to understand and negotiate SaaS provider contracts. He and Ledic explained what facets of those contracts companies will need to consider in those negotiations, including audit rights, the provider’s privacy standards, whether the provider and access the company’s data and where that data is housed.
“You know you’re not going to get everything that you want,” Ledic said. “But it’s that risk analysis of what works for the business, and what are some of the things that you can put up with, and what are some of the things that you can’t put up with.”
Ultimately, choosing a SaaS provider or cloud service requires a meeting of the minds among the organization’s legal, IT and procurement departments, Ledic and Reed said. It’s ideal when the different groups can sit down with the SaaS provider to discuss what, from each of their perspectives, the company needs from it. CSC also presented the CLE at last year’s ACC Colorado Chapter Annual Meeting, which offered attendees a “Technology 101” primer across a range of IT concepts that concern legal departments.
— Doug Chartier