With an emphasis on third parties, GDPR makes data protection procurement’s problem. Data protection is – or at least should be – on every procurement professional’s mind.
Supply Management looks at what it means for procurement. Leo Martin contributed to the discussion.
The new regulation requires much tougher controls over what an organisation’s suppliers do with personal data. “One of the most significant changes is the imposition of compliance obligations on both the data controller [the company that decides how the data will be used] and the data processor [the company that works on the data for the controller],” explains Leo Martin, director of business ethics and compliance firm GoodCorporation.
“Third parties involved in data processing as part of their contract are required to assist the contracting organisation in complying with its GDPR obligations. This involves accepting the contractual requirements that must now be included in any third-party agreement with an organisation processing data on your behalf.”
Posted December 2017
Comments from GoodCorporation on why businesses must operate responsibly Chartered Secretary – August 2011
The need for effective global compliance and governance has never been more pronounced. Failing to get these vital areas of management right can have lasting and damaging consequences for international corporations. From our Business Ethics Debates we know how much…
Leo talks to Ed Mitchell about business ethics on Share Radio’s afternoon show listen to ‘Leo Martin, Director and Co-founder of Good Corporation’ on audioBoom //