This resource helps buyers determine which privacy tools are the most appropriate for their business needs.
2020 saw a sharp spike in the number of incidents involving vendors, which amounted to over 25 percent of the total incidents handled in 2020, and the trend is continuing well into 2021.
When considering the termination of a vendor relationship, you must consider the vendor, the contract and the business impact. Although this article is aimed at the privacy considerations in terminating a vendor relationship, there are other considerations within a general business frame. Full article: Third-Party Vendor Management Means Managing Your Own Risk: Chapter Nine
To maintain your compliance, you will have to track your third-party suppliers and how they handle any customer record data you pass over to them. These suppliers have to meet the same security and privacy standards as your internal team. However, it’s not enough to ask around this at the beginning of any relationship – […]
Any organization that processes the personal data of data subjects in the European Union should be concerned about having updated data processing agreements in place with vendors and partners with whom they share the data. Having up-to-date data processing agreements in place can also protect an organization from liability in the future, and avoid the potential […]
Together with the GDPR’s elaborate requirements for transparency, due diligence, risk analyses, documentation and security, this rude awakening should create a perfect storm. It can incentivize organizations to understand, prioritize and deploy digital supply chain management to ensure the sources of their data are wholesome, their vendors resilient and their customers accountable for their actions. […]
On April 30, 2018, the U.S. Federal Trade Commission (FTC) released for public comment an administrative complaint and proposed consent agreement with mobile phone manufacturer BLU Products Inc. and its owner and president. Although the FTC has entered into many settlements relating to privacy and data security, this proposed settlement is particularly noteworthy for two […]
Recently, a Walmart vendor inadvertently exposed the data of over 1.3 million people online. Here are some tips for avoiding that situation at your company. Reducing third-party risk depends on appropriate vendor selection. Vet all potential vendors to ensure they have share the same values as your organization when it comes to data privacy and […]
Data lifecycle practices have appeared as standard issues on third-party risk-management checklists for years, particularly in regard to privacy and data monetization. Privacy pros have been asking good questions, and drafting provisions to cover data collection minimization, use limitations, and secure deletion, but have we thoroughly thought through the potential for third party exploitation of […]
Although the GDPR accommodates modern business practices of outsourcing data storage and analytics, as well as marketing communication and other functions, it requires that data controllers choose their data processors carefully and bind them with required contractual terms to GDPR’s risk-based standards. The GDPR did not invent vendor management responsibilities. Organizations have long had procurement […]