Allison Prout leads the contracting practice at Octillo, representing clients in complex technology transactions, honing in on the intersection of complicated compliance requirements and business needs—with a specialized focus on data privacy and security contractual requirements.
Allison’s clients include SaaS providers, data aggregators, and healthcare-covered entities. With her extensive contracting background in the technology sector, Allison concentrates on software as a service (SaaS), IaaS, and PaaS agreements, professional services agreements, software agreements, licensing and data survey agreements, hosting agreements, and more. Frequently working with clients operating under strict data privacy and security legal regimes, Allison also drafts and negotiates data processing agreements and data security addenda required under national and international law.
Allison also builds organizational contracting practices – drafting and training on templates and contracting protocols for clients, including international businesses that span multiple legal jurisdictions.
With ample insight into regulatory requirements through contracting, Allison advises clients across a breadth of national and international privacy regimes, including the California Consumer Privacy Act (CCPA) and emerging state privacy laws, the General Data Protection Regulation (GDPR), the Children’s Online Privacy Protection Act (COPPA), the Family Educational Rights and Privacy Act (FERPA) Education and New York Education Law §2-D, and industry best practices.
She also works with clients to develop tailored data privacy and security programs that align with regulatory requirements and provide practical solutions to business needs.
- Created and led the legal and contracts department for growing SaaS company.
- Drafted licensing agreements to support go-to-market strategies and partnerships with high-growth technology, SaaS, and professional services companies.
- Routinely liaised with InfoSec and Product teams to support contract negotiations and due diligence efforts.
- Worked with C-suite executives to develop internal compliance programs with a focus on the EU General Data Protection Regulation (GDPR).
- Developed company processes for FAR, GSA and FedRAMP compliance efforts.