63% of data breaches involve a third party relationship.

The new General Data Protection Regulation – which comes into force in May 2018 – may at first blush seem like “just another EU rule”. However, organizations – and specifically third party risk management teams within them – would take a “tick-box” approach to compliance at their peril.

In fact, the GDPR is such a significant new rule that any organization that does business with EU nationals and holds some form of personal data on them, should dedicate the the time and resources to take a more strategic approach to risk management and compliance within 2017, rather than waiting until next year, or complying more tactically. Compliance with this rule requires a strategic approach because:

  • It is an EU regulation, but with significant extraterritorial implications. For example, it effects data about EU citizens processed elsewhere around the world.
  • Organizations have significant new risk responsibilities regarding the third parties they engage, who work with impacted personal data.
  • The new rule has much more robust protections woven into it for privacy, data protection, and consent.
  • The rule requires data protection to now be built into new products, rather than tacked on as an afterthought.
  • New fines and sanctions built into the rule are much more severe than under the previous rule – and would apply in the global way in which the rule is written.

For more information about the Aravo solution for GDPR Third Party Risk Management, please contact us.

Aravo GDPR - Executive Briefing.

 

Related Content:

Expert Series Podcast - Session 1 - GDPR & Why Organizations Need To Be Thinking About Third Party Risk

Infographic - EU GDPR & Third Party Risk - 5 Steps You Can Take Today

Blog Post - The EU GDPR & Third Party Risk: Why Global 2000 Companies Should Be Focused on Third Party Compliance

Executive Download - Third Party Risk Management in the Dynamic of Business Scale, Complexity, and Change

Executive Download - Buyers Guide to Third Party Risk Management

OCC Update Briefing 2017-7 - The OCC's Supplemental Examinations Procedures for Third Party Relationships Raising the Bar for Banks' Third Party Risk Management

Blog Post - OCC BULLETIN 2017-7: The OCC's Supplemental Examinations Procedures for Third Party Relationships

Analyst Podcast - Session 1 - How to Develop a Third Party Management Strategy

Request A Demo of Aravo Third Party Risk Management Solutions