Not Managing 3rd Party Relationships Can Result in Data Protection Violations

Recent news both in the U.S. and UK have highlighted the obvious fact that failure to manage third-party relationships involving regulated data can result in data protection violations.  Here are the important questions tech company executives should be asking:

1. Do you know what third parties are accessing, processing, or storing regulated data for your company? ​
2. What steps are you taking to ensure that third parties protect and use your data appropriately? Third-party diligence and oversight is now a regulatory obligation under data protection laws like the GDPR, NYDFS, FAR and others. A systematic process to assess third parties and demonstrate compliance is imperative.
3. How can you effectively meet your regulatory obligations? Start with an independent privacy audit and gap assessment then implement a course of action from there.

      Written by Intuitive Edge Team

---