New Data Laws Will Have Implications for Outsourcing Contracts

In a culture of global connectivity, businesses have come to rely on outside parties to carry out various services—a dynamic that saves money for the principals, but also places sensitive data in the hands of multiple caretakers. As Huw Beverley-Smith, partner in Faegre Baker Daniels London office, observed in an article published in Supply Management, “highly-publicized instances of IT system failures and large-scale data breaches have often been blamed (at least in part) on the outsourcing of the business processes in question.” The European Union, Beverley-Smith explained, will soon address these issues with new regulations aimed at holding service providers accountable for data security practices. 

“Headline changes likely to be introduced in the EU Data Protection Regulation include mandatory data breach reporting requirements, significantly higher fines and increased obligations relating to the data processing activities of service providers,” Beverley-Smith wrote.