All posts in Vendor Management

Cartoon on GDPR Vendor Management

Daniel Solove
Founder of TeachPrivacy

 

Cartoon GDPR Vendor Management TeachPrivacy GDPR Training

This cartoon depicts the challenges of complying with GDPR’s requirements for vendor management.   Under the GDPR, there are serious responsibilities when using a vendor to process personal data.  Broadly, there are three things that data controllers must do:

1. Data controllers must perform due diligence in selecting vendors and that are complaint with GDPR.

2. Data controllers must have a contract with their vendors that includes certain provisions to ensure that GDPR is being followed.

3. Data controllers must monitor vendors for compliance.

Vendors must also comply with the GDPR.

Continue Reading