The Wrong-Headedness of Hindsight Standards — Michelle Yeary | Drug & Device Law Blog

May 27th, 2019|Categories: HB Risk Notes|Tags: , , , , , , , , , , , , |

Dechert LLP attorney Michelle Yeary cautions against applying perfect hindsight to drug liability. "We all know hindsight is 20/20.  And, it’s easy.  There are dozens of television and radio programs that thrive on Monday morning quarterbacking.  There’s no risk in saying the coach should have called for a pass when you already know the run didn’t work.  It’s also dangerous because it’s easy.  People are often too quick to point out that you should have taken path B after everyone learns path A is full of potholes.  Pointing it out is one thing, holding you liable for it is another." Yeary takes a look at what happened in Holley v. Gilead Science, Inc., 2019 WL 2077845 (N.D. Cal. May 10, 2019). The case involves two of the main active ingredients in AIDS drugs: TDF and TAF. The plaintiff alleges that the defendant should be responsible for allegedly knowingly using TDF over TAF (allegedly a safer alternative). TDF was FDA approved first and TAF second.  Unfortunately, Yeary wrote, hindsight "can be used to demand perfection," allowing  plaintiffs to "proceed on what is essentially a stop-selling theory," that first-generation drugs should not be submitted to the FDA because, in hindsight, "later approved treatments were safer." That's what happened in Holley, she said. Read the complete post by Michelle Yeary on the Drug and Device [...]

Moving Your Corporate Data to the Cloud: Top 13 Things to Think About as you Review Your Hosting Agreement — Judy Selby Consulting

May 6th, 2019|Categories: HB Risk Notes|Tags: , , , , , , , , , , , |

Some data migration risks can be mitigated at the cloud contract stage, Allison Bird, Judy Selby’s partner at Clearview Privacy Consulting LLC, explains. Regarding indemnification, Bird says, "If data is lost or exposed by the hosting company, your company as well as any affiliates who use the services will be subject to suits from clients and individuals whose data was impacted.  You may also be subject to regulatory scrutiny which could result in legal costs and regulatory penalties.  To the extent possible, negotiate a full indemnification of third party claims arising out of the hosting services." She says the limitation of liability section of your hosting agreement "may be the single most important" part.  "Your hosting company may make a lot of promises in the agreement.  However, if their liability under the agreement is significantly capped, you won’t receive the monetary compensation necessary to make up for hosting company’s acts and omissions that damage the company. Negotiations for a higher cap will translate into real dollars in the event of a security incident." Of course, insurance is always a good solution if done right. "You can negotiate the perfect contract but unless your hosting company has a deep pocket, it may not have sufficient capital to make good on contractual obligations in the event of a breach or data loss situation, especially one [...]

The Cloud: Selected Benefits, Risks, and Insurance Coverage Issues (Part 1) — Barnes & Thornburg

May 6th, 2019|Categories: HB Risk Notes|Tags: , , , , , , , , , , , , , , , , |

  Cloud Risk: Do You Transfer Liability Along with Data? Many of us were using data clouds before we even knew what they were. Now, while most of us are comfortable with the concept, we may not be comfortable knowing who is liable when data is lost, damaged or breached. It's not a given that your cloud provider absorbs any liabilities, and it's not a given they can even afford the liability should it arise. Below are quotes from an article by Scott Godes, Kara Cleary, and Heidi Fessler of Barnes & Thornburg LLP on the subject, and a link to their complete article.  Godes, Cleary, and Fessler list several cloud-related risks: data breaches, data loss, interruption of access, compromised credentials and broken authentication, and denial of service.  But two other categories for concern are:  #1. BYOC, or Bring Your Own Cloud. Employees may be innocently using productivity applications that store work data on non-company clouds, in effect, "bringing their own clouds" to the workplace. #2. Multi-Tenancy. This involves risks posed when unrelated cloud users are sharing the same computing resources.  "Both the cloud provider and the user must be aware of system and data security to prevent a breach in the security. In addition, when a risk is realized, it may not always be clear who is at fault for the [...]

Go to Top