IT Governance, Risk, and Compliance

May 5 2013   7:14PM GMT

Revisiting the Safeguarding of Information Assets – Part XIII

Robert Davis Robert Davis Profile: Robert Davis

Prescriptively; utilizing security, privacy and intellectual property clauses in contractual agreements may aid in clarifying expectations as well as reduce adverse outcomes in post-facto legal disputes. Parties to information asset related contracts should consider documenting terms for:
• signing non-disclosure agreements;
• granting the right-to-audit contractor controls;
• limiting the right-to-access specific information;
• processing the return or destruction of all records at contract termination;
• ensuring implementation of audit trails to closely monitor how information is handled;
• utilizing encryption technology that allows only authorized individuals to view decrypted data;
• addressing approval by applicable government oversight agencies of any subcontracting arraignments; and
• identifying and separating personal and/or confidential information being handled under a contract from other data held by the contractor.

Source:

Hillier,  Peter J. “Transborder Data Flow – Intruding on Privacy?” knowledgeleader.com.  (August 2006). http://www.knowledgeleader.com/KnowledgeLeader/Content.nsf/Web+Content/TFTransborderDataFlowIntrudingonPrivacy!OpenDocument&NWeekly
(accessed April 21, 2008).

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: