Community

Find answers, ask experts and talk with the procurement community

Tools

Do you want to deliver savings faster, reduce risks and transform functional performance?

Industry-leading events

Inspirational thinkers and innovators share their vision, providing unique opportunities to network and share best practice

Upcoming events

Data, Intelligence & TechX Forum

Executive Briefing: November, 2018

Forum: November, 2018

The Crystal, London

DITX 2017 is Europe’s ONLY event specifically designed for procurement professionals wanting to capitalise on a whole new set of digital opportunities that disrupt yet provide new transformative, value adding capabilities for procurement.

6th Annual World Procurement Congress London

Executive Briefings - 15 May, 2018
Congress - 16-17 May, 2018

World Procurement Congress organised by Procurement Leaders is the undisputed leader in the field, featuring cutting-edge content and real life case studies from inspiring speakers.

Resources

My Profile

GDPR: What you should be worried about

Procurement GDPR

With the European Union’s (EU) new General Data Protection Regulations (GDPR) fast approaching, procurement needs to be aware of the changes this will entail and how it can mitigate any risk posed by suppliers.

 

Coming into effect May 2018, the regulations aim to give EU citizens more control over how their personal data is used, as well as to try and streamline rules for international businesses. Names and address and other sensitive information relating to an individual’s professional or public life must be handled correctly by businesses and their suppliers, or they risk incurring significant fines.

 

Those who haven’t started preparing for these changes are leaving their businesses exposed. With a few months remaining there is still time to take action, but it needs to be done quickly.

 

Here are some things to look out for:

 

  1. Make sure everyone is up to speed

 

An understanding of the regulations is essential no matter what industry you are in. Businesses in the public sector, firms that use online marketing services and financial services companies need to be particularly cautious because of the volume of personal data they handle, however.

 

It is essential to work collaboratively with your organisation’s data ‘controllers’, those who decide how information is used; and ‘processors’, who process that information on behalf of controllers. This enables procurement executives to understand exactly how the business used this information and what the new rules will mean for that use.

 

Outside of this, it is essential to ensure any suppliers who deal with personal data know of these changes and are working to guarantee they meet the standards laid out.

  1. Reporting

 

In the past, data breaches didn’t need to be reported. However, under GDPR, a breach must be noted within hours of it happening. Fail to comply and firms could face fines of up to €20m or 4% of annual global turnover – whichever is greater.

 

To reduce this risk, you must understand what this means in terms of any breaches that occur within supplier organisations. Conversations with the legal department or outside legal experts is key.

 

  1. Attention to detail

 

Procurement will be expected to understand their supplier contracts in much more detail. They will also need to keep a record of all processing operations under their responsibility and quickly report any data breaches. Without keeping a close eye on all these details, the threat to the business could quickly increase.

 

As with any new regulations, it will take time for procurement to get completely up to speed. But, with little time remaining, it is essential to take action now.

 

Procurement Leaders members can read a more detailed analysis of what GDPR will mean here and here.

 

In light of the forthcoming GDPR, ensure you stay up to date with the latest procurement insights, shared intelligence and opportunities from Procurement Leaders by subscribing to alerts.

 

This article is a piece of independent writing by a member of Procurement Leaders’ content team.

Sophie Dyer
Posted by Sophie Dyer

Want to learn more? Please fill in your details to hear from us.

Loading...