Remember these key messages and tips to help minimise the risk of your procurement experiencing a data or privacy breach:
Value your Data
From the outset, think about the value of the data that your supplier will collect or have access to during the arrangement. This will enable you to determine the appropriate information handling and privacy requirements you'll need.Choose the Right Supplier
Ensure that your information handling and privacy requirements are part of your sourcing plan and clearly set out in your market facing documents. Award a contract to a supplier who can demonstrate a good track record of understanding and implementing privacy and data security.One size does not fit all
Your risk management strategy needs to be proportionate and tailored to the size and activity of your procurement. Data heavy supply arrangements may need to consider additional protections, including how information will be managed when a supplier transitions out.Monitor your supplier's performance against the contract
The words in the agreement are important, but ongoing contract management is necessary for early detection of possible data and privacy breaches.If you'd like assistance on managing your suppliers to meet your information handling obligations, please contact:
Rebecca Radford
9947 1403
James Stephens
99471422
Snezana Stojanoska
9947 1412
