Vendor and Cloud Privacy Assessments

Laws and regulations may hold your organization responsible for data breaches caused by your organization’s vendors.  In addition, under the European Union (EU) Privacy Directive and other laws, transfers of data to third parties are required to be contractually protected and vendors must be vetted to ensure they provide an adequate level of protection for the personal data they receive. These vendors can include cloud service providers, law firms, consultants or auditors, data destruction companies, human resource system providers, medical billing services, and many others. 

To help ensure that your vendors are not the weakest link in the protection of your organization’s data, Lunarline can audit the privacy and security practices of your third party vendors who have contact with your client, employee or customer personal and confidential information. These audits will identify key weaknesses in the vendor’s ability to protect your company’s data and, will in turn, create a remediation plan to address and mitigate these weaknesses.

Don’t sacrifice the protection of personal data or your company’s reputation by not understanding the true nature of your vendor’s privacy and security practices. It pays to be proactive. 

Lunarline’s specific services include:

  • Conducting privacy third party contract reviews (or Section M of the Privacy Act) reviews
  • Drafting of EU Standard Contractual Clauses
  • Third-Party Data Privacy Assessments and Audits
  • Data mapping for cross-border transfers of data
  • Vendor Breach Remediation Preparation
  • Cloud Computing Privacy Procedures Development