The incoming General Data Protection Regulation (GDPR) will have a significant impact on a company's procurement process.
Sarah Williamson, partner in the Commercial & Technology team, writes in Supply Management about the impact of GDPR on a company's supply chain.
“GDPR is set to become a huge issue in the supply chain. If you’re outsourcing data processing services, the imposition of direct obligations onto processors down the supply chain does not exonerate or detract from your liability to your customers.”
The rise of data processing using artificial intelligence could also present a risk to companies. Despite GDPR coming into effect in less than a year, regulatory certainty around the processing of data by algorithms does not yet exist. Organisations will need to internally test where algorithms could be leaving them exposed to huge fines and business disruption.
But Sarah adds that companies should view GDPR as an opportunity rather than merely a compliance issue:
“It is an opportunity for those who want healthy relationships with customers to adopt a best-in-class, privacy by design approach."
“This must apply up and down supply chains. If your company wants the competitive advantage that goes with this, you’ll need to know that your suppliers are taking the matter as seriously.”
Consistent with our policy when giving comment and advice on a non-specific basis, we cannot assume legal responsibility for the accuracy of any particular statement. In the case of specific problems we recommend that professional advice be sought.