How should firms handle their relationship with suppliers to minimize privacy and data security risks?
Date: Thursday, May 27th, 2021
Time: 2:00 pm – 3:00 pm ET
Most IIROC firms are well positioned in respect of their internal controls to protect the personal information of their clients and employees. However, these controls are not sufficient to protect firms from privacy and data security risks associated with the use of third-party suppliers, such as IT vendors and other service providers. These parties are very often the weak link in privacy and security, and increase risks associated with regulatory investigations and legal actions against firms, especially in the context of data breaches. It is hence critical for firms to understand the applicable legal framework and appreciate the privacy and security risks associated with outsourcing. These risks can be significantly reduced by approaching suppliers’ engagements with an understanding of the inherent risks and implementing a supplier due diligence privacy assessment as well as a compliance strategy to address those risks. With the growing number of security incidents taking place, it is more important than ever for firms to properly document their service provider agreements and determine each party’s responsibility upon an incident impacting personal information taking place.
Join Eloïse Gratton, and Elisa Henry, Partners and National Co-Leaders, Privacy and Data Protection at BLG for a discussion of the importance of, and strategies for Supplier Due Diligence in order to manage privacy and data security risks.
Please click here to view Eloïse and Elisa’s bios.
To register for the webinar, please click HERE.