Are Your Vendors Putting You at Risk Under California’s New Privacy Law?
Under California’s groundbreaking privacy law, general counsel face stringent compliance requirements for managing the personal data of consumers, including personal data shared with third parties, points out the Association of Corporate Counsel.
The issue can be far-reaching, considering that 60 percent of a company’s personal data resides with third parties, the ACC says on its website.
“Companies must take stock of what personal data their company has, where it resides, how long it’s retained, and third parties with whom they share their data. Third-party diligence is explicit or implied in the CCPA, the GDPR, Colorado’s Privacy Legislation, 23 NYCRR 500, and many others,” the organization warns.
The ACC has posted a white paper titled “Third-Party Data Compliance” to review seven important considerations for every general counsel. The paper can be downloaded at no charge.
The ACC provides its Vendor Risk Service, the world’s only third-party diligence process designed specifically to help corporate legal teams rapidly assess third parties and meet compliance requirements.