Spike In Vendor-Related Data Breaches
June 17, 2021
Increased reliance on third-party vendors to perform tasks requiring personal information resulted in a sharp increase in data security incidents involving vendors in 2020, a trend that continues this year. All industries were hit, but the increase was particularly pronounced in education and healthcare. A Baker Hostetler report includes lessons to learn from the spike: Fast notification is crucial; vendor vetting is crucial; pay careful attention to contractual terms and conditions; Understand what data is collected and with whom it is shared; Limit the amount of and access to personal information; Perform ongoing due diligence of vendors. Also, beware of fourth-party risk. Engaging accounting firms or law firms requires understanding how data will be transmitted and stored. Those firms engage vendors for data management, and they could also experience data security incidents. Regulators usually focus primarily on the vendor that experienced the incident, but they can investigate a vendor’s customers.
Read full article at:
Share this post: