Get Ready for the GDPR: Talking to Colleagues and Vendors
Did you know that selecting the wrong vendor or services partner could put your company at risk of violating customer data privacy regulations?
It’s true. The provisions for data protection by design (DPbD) effectively require that controllers and processors – that is, your company – may work only with vendors and service providers with a demonstrated ability to help them meet their data protection obligations. In short, selecting or working with the wrong vendor could itself be a violation of the regulation. This means that General Data Protection Regulation (GDPR) compliance substantially increases the importance of selecting the right technologies and forming deep partnerships with outside suppliers.
The GDPR is far from just another irritating policy cooked up by European Union (EU) bureaucrats. Instead, it is the most sweeping revision to European privacy and data protection legislation ever. And it isn’t limited to the EU. The legal reach of the GDPR isn’t defined by geography but by the use of the personal data of European residents. That means that it applies to any organization, located anywhere in the world that either “offers goods and services” to European residents or “monitors their behavior.” For affected firms, every single business process that touches personal data will have to be very carefully reviewed and, in all likelihood, redesigned to comply with the GDPR – or be scrapped.
In this paper, Tim Walters explains why it’s almost too late to start the conversations with partners, with proof of compliance mandated in just 12 months. If you haven’t engaged them yet, you will want to download this guide to interviewing your vendor and service partners about how they’ll support your company’s data protection obligations as specified in the GDPR.Download now