We are highly experienced in incorporating information security and privacy protections into every aspect of technology transactions, including those in the cloud and those involving offshore providers. We have developed specific tools for integrating information security into the entire contracting process, from initial vendor contact through contract negotiation and post-execution monitoring. These tools scale to reflect the sensitivity of the data involved, including whether the data is the subject of state, federal, or international regulation and/or contractual requirements (e.g., payment card industry data security standard, card association rules, and so forth). We have devoted much of our practice to assisting clients in regulated industries to ensure their technology contracts pass regulatory muster with regard to their sensitive data. In fact, we have developed checklists for compliance that have been reviewed and approved by their regulators.