For many, one of the most challenging aspects of GDPR has been the process of identifying all your suppliers, putting contracts in place, managing these relationships, and preventing data breaches.
The fear of breaches is well founded, with third-party data breaches reported to have increased by 35% year on year (2018-2019).
The GDPR tells us what should be included in contracts and that businesses need to demonstrate accountability. That is, you need to make sure suppliers are doing what they say they are going to do through risk assessments and audits. This includes understanding how your supplier network will respond to data breaches.
For organisations with hundreds of suppliers it’s simply not possible to risk assess every single one– you need to risk assess the risk assessments! This is the point at which technology can help to automate some of those activities.
Tune in on 23 July at 2pm as we team up with Exterro to explore:
- Who are your vendors? How do you uncover shadow IT?
- What are the core GDPR contractual requirements and what does this mean in reality?
- How do you balance which suppliers are riskiest?
- How do you implement vendor risk assessments to demonstrate defensibility?
Host Stuart Davidson, Marketing Director at Exterro will be joined by,
- Debbie Evans, Group Data Protection Officer at Rentokil Initial
- Julia Porter, Partner at Data Protection Network Associates
- Julie Varcoe-Cocks, Head of Ethics Regulatory and Compliance / Data Protection Officer at Serco
You will also have the opportunity to ask you questions in a 15-min Q&A session following the main discussion.