How Can We Help?
-
Regulatory Compliance
- Can my company be held legally responsible for the failure of my vendor to meet regulatory guidelines?
- Why should we be concerned about compliance if our business is not in finance, healthcare, or otherwise not subject to existing data protection regulations?
- How can we transfer data protection regulatory liabilities to a vendor?
- What methods of data destruction are required by regulations such as GLBA, HIPAA, SOX, or HITECH?
-
Client FAQ
-
- Do you donate computers or can we donate equipment to you?
- What equipment or electronics waste (e-waste) do you accept?
- Do you provide lease return management services?
- What computers and IT equipment do you buy?
- Do you offer company and employee buyback services?
- Can we visit your site for inspection?
- Do I have to package the equipment?
- How much notice is needed to schedule a pickup?
-
Insurance
-
ITAD & Recycling Industry
-
Service Questions
< All Topics
Print
How can we transfer data protection regulatory liabilities to a vendor?
There is no legal mechanism for transferring data protection regulatory liabilities to a vendor.
You can contract your disposal and data destruction vendors to be financially responsible for items such as the cost of a breach notification or legal fees associated with a result of a non-conformity.
The data controller or covered entity (owner of data) has an unavoidable responsibility to applicable regulatory compliance.
A vendor that claims to indemnify a client of such responsibilities is incorrect either purposefully to simplify a transaction with a client, or as a result of an incomplete understanding of data protection regulations and compliance.
Can’t find what you’re looking for?Ask us here and we will be in touch within one business day.