Articles and Speeches
Effective vendor management for data governance and security control
February 25, 2014
David F. Katz
Reprinted with permission of InsideCounsel
The first three articles in this series focused on the creation an internal environment that would enable a strong culture of privacy and data protection to flourish within the organization. The previous articles in the series provided suggestions on specific measures organizations could take to create the foundations for adoption of strong privacy and security controls. Once this has been accomplished to a reasonable degree by the organization, the focus can shift to movement of data outside of the control of organization.
Now, we will focus on ensuring that third parties such as vendors, contractors and subcontractors that receive or may have access to the organization's data are properly screened so that privacy and data security controls are not compromised as a result of a failure to properly select these third party vendors, and the organization has reasonable assurances that their data is properly being maintained by the third party.
Click here to view the full article.
Reprinted with permission of Inside Counsel