The first step to mitigate the risk of data breaches through third-party vendors is to have an effective vendor-management program. It's the best way to ensure that your vendors are doing their jobs correctly—understanding, of course, that one can delegate responsibility but not accountability. In this ongoing series for The Privacy Advisor, K Royal, CIPP/E, CIPP/US, offers tips on how best to avoid a breach via your vendor. “Breaches will happen,” Royal writes, noting if they should happen through a third-party vendor, your organization will want to “have a partner you can rely upon and not an adversary or an unknown.” Missed earlier chapters? Find them in the IAPP Resource Center.
If you want to comment on this post, you need to login.