For suppliers
We work with suppliers, often Software as a Service (SaaS) providers and software vendors, embarking on responding to invitations to tender (ITTs) supporting them to understand and demonstrate the compliance of their product and organisation with legal and data protection requirements as part of procurement processes.
To coincide with London Tech Week 2024, one of the key themes of which is ‘The Future of Security and Data’, and following the revelation in the DSIT Cyber Security Breaches Survey 2024 that few organisations are conducting supply chain risk assessments, Handley Gill’s specialist consultants have published their Helping Hand checklist on conducting data processor / supply chain information security risk assessments which is informed by NCSC guidance.
Handley Gill’s specialist data protection consultants consider the options and certification requirements for US entities importing personal data from the EEA following the adoption of the European Commission’s adequacy decision in respect of the Trans-Atlantic EU-US Data Privacy Framework, providing a lawful basis for transferring personal data to the US under the GDPR.
Handley Gill Limited’s specialist data protection consultants consider the impact of the European Commission’s adequacy decision in respect of the Trans-Atlantic EU-US Data Privacy Framework and the steps controllers and processors should take in relation to transfers of personal data from the EEA and UK to the USA.
A commitment to establishing a UK-US data bridge, which would take the form of adequacy regulations being issued by the Secretary of State pursuant to section 17A Data Protection Act 2018, has been announced. Since this bridge is likely to be contingent on the European Commission issuing its own adequacy decision, and the draft has recently been rejected by the European Parliament, data exporters will be reliant on the Commission ramming through the roadblock or will find themselves stuck in traffic on the UK-US data flyover.
With the summer holiday season in full swing, Handley Gill Limited’s specialist data protection and cyber resilience consultants consider the data protection and information security risks of staff taking data and devices used for business purposes overseas and the practical measures that organisations can take to safeguard data subject to border control powers.