{"id":634143,"date":"2023-04-22T09:56:00","date_gmt":"2023-04-22T14:56:00","guid":{"rendered":"https:\/\/news.sellorbuyhomefast.com\/index.php\/2023\/04\/22\/how-to-vet-your-vendors-ensuring-data-privacy-and-security-compliance\/"},"modified":"2023-04-22T09:56:00","modified_gmt":"2023-04-22T14:56:00","slug":"how-to-vet-your-vendors-ensuring-data-privacy-and-security-compliance","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2023\/04\/22\/how-to-vet-your-vendors-ensuring-data-privacy-and-security-compliance\/","title":{"rendered":"How to vet your vendors: Ensuring data privacy and security compliance"},"content":{"rendered":"<div id=\"boilerplate_2682874\">\n<p><em>Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success<\/em>. <em><a href=\"https:\/\/avolio.swapcard.com\/Transform2023\/registrations\/Start?utm_source=vb&#038;utm_medium=boiler&#038;utm_content=landingpage&#038;utm_campaign=T23_BoilerPlates\">Learn More<\/a><\/em><\/p>\n<hr>\n<\/div>\n<p>Big data has big implications for businesses thanks to its unique ability to provide the information needed to scale and succeed.<\/p>\n<p>But as data usage grows, issues of data security, privacy and compliance have come into focus, capturing the attention of both customers and regulators. As a result, strict regulations like the <a href=\"https:\/\/venturebeat.com\/security\/data-protection-regulations-arent-enough-to-safeguard-your-data\/\">GDPR<\/a> and CCPA have been introduced to dictate standards for companies that wish to operate both locally and internationally.<\/p>\n<p>While this means that more businesses are taking data compliance more seriously, what many still overlook is the data privacy measures and compliance record of their third-party vendors \u2014 often only considering them at the last stage of the procurement process. This can lead to a nasty surprise for businesses that must still rely on the data compliance of their vendors: A vendor\u2019s lack of compliance can compromise a business\u2019 own.<\/p>\n<p>In other words, it\u2019s not enough for companies to ensure their own data compliance. They have a responsibility to make sure that their vendors are compliant as well. Here\u2019s why and how businesses should vet their third-party vendors before working with them.<\/p>\n<div><body><\/p>\n<div id=\"boilerplate_2803147\">\n<h3>Event<\/h3>\n<div>\n<p><span>Transform 2023<\/span><\/p>\n<div id=\"gm0a52976\">\n<p>Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.<\/p>\n<\/div>\n<\/div>\n<p><a href=\"https:\/\/avolio.swapcard.com\/Transform2023\/registrations\/Start?utm_source=vb&#038;utm_medium=incontent&#038;utm_content=landingpage&#038;utm_campaign=T23_incontent\"><br \/>\n                Register Now            <\/a>\n                        <\/p>\n<\/div>\n<p><\/body><\/p>\n<h2 id=\"h-the-nature-of-vendor-data-compliance\">The nature of vendor data compliance<\/h2>\n<p>Third-party vendors\u2019 data and compliance, or the lack thereof, can hurt organizations\u2019 own compliance with data-related regulations, potentially with a significant negative impact on their business.<\/p>\n<p>Why exactly? Incomplete, inaccurate or noncompliant data, regardless of where it comes from, can quickly lead to <a href=\"https:\/\/www.kpmgsofy.com\/blog\/data-management\/five-examples-of-bad-data-quality-in-business-execution\/\" target=\"_blank\" rel=\"noreferrer noopener\">poorly informed<\/a> strategic and operational decisions which can erode a company\u2019s <a href=\"https:\/\/hbr.org\/2022\/11\/bad-data-is-sapping-your-teams-productivity\" target=\"_blank\" rel=\"noreferrer noopener\">productivity<\/a>, reputation and bottom line.<\/p>\n<p>For example, if your sales teams are operating according to bad data \u2014 reaching out to people who don\u2019t wish to be contacted, are no longer relevant or have outdated contact information \u2014 it becomes very easy to waste effort, lose time and money and even <a href=\"https:\/\/www.prnewswire.com\/il\/news-releases\/b2b-sales-must-reform-lusha-data-report-finds-poorly-targeted-sales-outreach-directly-damages-company-reputation-301572952.html\" target=\"_blank\" rel=\"noreferrer noopener\">damage a brand\u2019s reputation<\/a>. And because companies can be held accountable and fined for compliance breaches for their use of data, it is important to use a trustworthy and compliant vendor.<\/p>\n<h2>What organizations can do about it<\/h2>\n<p>A company\u2019s compliance record is only as strong as its weakest link, so they must vet and approve any potential vendors and partners before signing on to work with them, as well as assess their existing vendors to confirm that they are data compliant.<\/p>\n<p>To do so, organizations must ask the right questions and take the following precautions:<\/p>\n<p>First, make sure your vendors meet the requirements of any necessary regulations or certifications, such as GDPR, CCPA, ISO, TRUST-e and IAPP, and the more, the better. This not only proves that a company takes data privacy seriously, it widens the scope of where and how data can be used (GPDR compliancy = EU reach).<\/p>\n<p>Once certifications are checked, organizations must understand how a given vendor uses its data. Is it providing temporary access to licensed data or selling this data indefinitely? Does it sell <a href=\"https:\/\/venturebeat.com\/data-infrastructure\/this-week-in-data-first-know-your-customer\/\">customer data<\/a> to third parties? Where is it getting its data from, and how is it collected and stored? A vendor that can\u2019t keep its data sharing and usage practices above board can\u2019t necessarily be trusted to be honest about or meet requirements for compliance.<\/p>\n<h2 id=\"h-adherence-and-compliance-through-data-infrastructure-and-security-measures\">Adherence and compliance through data infrastructure and security measures<\/h2>\n<p>Equally as important is ensuring that the vendors actually adhere to regulatory requirements and checking what data privacy infrastructure and security measures they have in place. Do they employ permission and user access controls, employee security awareness, patch management, system configuration management and periodic penetration testing? <\/p>\n<p>How do they handle data subject concerns? Do they notify new data subjects? Is there an opt-in\/opt-out feature? Are databases accurate, and are they updated regularly based on customer feedback and privacy requests? <\/p>\n<p>If the answers to these sorts of questions are consistently \u201cno,\u201d then it may be time to look elsewhere.<\/p>\n<h2 id=\"h-the-right-data-security-and-privacy-mindset\">The right data security and privacy mindset<\/h2>\n<p>Finally, ask about the organization\u2019s overall mindset and handling of <a href=\"https:\/\/venturebeat.com\/data-infrastructure\/what-is-customer-data-definition-types-collection-methods-and-analysis-best-practices\/\">data security<\/a> and privacy. Have they made it a priority across their organization? Do ALL employees receive data and privacy-related training, even if the entire team doesn\u2019t work on those issues directly? A third-party partner that goes above and beyond in this capacity will make for a more reliable and proactive partner across the board.<\/p>\n<p>Decision makers shouldn\u2019t be afraid to ask pointed questions and express concerns when vetting new and existing vendors \u2014 asking these types of questions and acting accordingly are key to upholding privacy principles like purpose limitation. The vendors and partners a company chooses to work with can have a significant impact on success, so it is critical to ensure that these partners are reliable from a data perspective, and of course, beyond.<\/p>\n<p>Likewise, when courting potential vendors, a lack of transparency regarding any of the above issues should be a major red flag<strong> <\/strong>and lead to a re-evaluation of the relationship.<\/p>\n<h2>Business as usual in the data age<\/h2>\n<p>We live in an age where data security and privacy are not a \u201cnice to have.\u201d They are a must, especially because data itself is a must. So, if organizations want to operate in the global economy safely and successfully, they must make data-related issues a top priority. This applies to both their internal data procedures and those of their vendors.<\/p>\n<p>By asking the right questions and ensuring that their partners are as dedicated to data compliance as they are, organizations can earn the peace of mind that their business operations are fully up to standard and compliant.<\/p>\n<p><em>Assaf Eisenstein is cofounder and President of <\/em><a href=\"https:\/\/www.lusha.com\/\" target=\"_blank\" rel=\"noreferrer noopener\"><em>Lusha<\/em><\/a>.<\/p>\n<div id=\"boilerplate_2736392\">\n<h3 id=\"h-datadecisionmakers\">DataDecisionMakers<\/h3>\n<p>Welcome to the VentureBeat community!<\/p>\n<p>DataDecisionMakers is where experts, including the technical people doing data work, can share data-related insights and innovation.<\/p>\n<p>If you want to read about cutting-edge ideas and up-to-date information, best practices, and the future of data and data tech, join us at DataDecisionMakers.<\/p>\n<p>You might even consider\u00a0<a rel=\"noreferrer noopener\" target=\"_blank\" href=\"https:\/\/venturebeat.com\/contribute-to-datadecisionmakers\/\">contributing an article<\/a>\u00a0of your own!<\/p>\n<p><a rel=\"noreferrer noopener\" href=\"https:\/\/venturebeat.com\/category\/DataDecisionMakers\/\" target=\"_blank\">Read More From DataDecisionMakers<\/a><\/p>\n<\/div><\/div>\n<p><a href=\"https:\/\/venturebeat.com\/security\/how-to-vet-your-vendors-ensuring-data-privacy-and-security-compliance\/\" class=\"button purchase\" rel=\"nofollow noopener\" target=\"_blank\">Read More<\/a><br \/>\n Assaf Eisenstein, Lusha<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More Big data has big implications for businesses thanks to its unique ability to provide the information needed to scale and succeed.But as data usage grows, issues of data security, privacy and compliance<\/p>\n","protected":false},"author":1,"featured_media":634144,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[69375,46,44880],"tags":[],"class_list":{"0":"post-634143","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-ensuring","8":"category-technology","9":"category-vendors"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/634143","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=634143"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/634143\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/634144"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=634143"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=634143"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=634143"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}