Data Controller

Closeup image of a computer keyboard that has one key marked "Vendor Management" in red letters

Contractually Defining Information Custody Transfers

November 7, 2023
Posted in

KEY TAKEAWAYS: Information custody transfers are far more ubiquitous and riskier than most organizations appreciate. From a legal and regulatory perspective, “access to” equals “custody of.” There are specific elements and contractual assurances upon which all organizations should insist when transferring personal or proprietary information. Failure to obtain the appropriate assurances from any vendor accessing…

Read More
A closeup image of a person holding a pen and preparing to sign a document

Data Controller/Data Processor Contracts #1: Applicability

July 17, 2023
Posted in

This blog explains why and when organizations should require contracts with service providers that have access to customer or employee personal information. One of the most underappreciated aspects of data controller/data processors contracts is when they are needed. This results from either 1) a lack of awareness of their necessity, or 2) the failure to…

Read More