合同合规面临的最大数据隐私挑战

2Top Data Privacy Challenges for Contract Compliance.Table of ContentsIntroductionTop Current Data Privacy ContractCompliance Challenges1: Adopting the EU’s Standard Contractual Clauses2: Keeping Up with the States Within the U.S. That Are Introducing New Data Privacy Laws3: Identifying and Mitigating Adjacent Data Privacy RisksHow Do You Get Started?Scenario A: You’ve Collected a Lot of Sensitive Data from Your CustomersScenario B: YouAre the CustomerWhat Is Contract Intelligence?How Workday Creates Contract IntelligenceHow Contract Intelligence Supercharges Contract ComplianceWorkday Offers Fast Implementationand ROI 3456788910101314 3Top Data Privacy Challenges for Contract Compliance.Introduction.The data privacy regulatory landscape is quickly becominghyper-fragmented with dozens of new, updated, or proposedlaws. Outdated compliance practices expose businesses tolegal landmines that damage reputations and cost millions ofdollars. Contract intelligence can help.How do businesses’ compliance and legal teams thoroughlyaddress nascent compliance challenges while avoiding theunfortunate label of “blocker” or “bottleneck”?You might think that’s a trick question. It isn’t.From the GDPR to the CCPA and beyond, businesses have a range ofregulatory challenges to tackle just within the context of data privacy—and these obstacles frequently entail overhauling a business’s entireportfolio of contracts. When an organization has 10,000 commercialagreements to update and only 2 people to do it, it’s easy to see wherethe operational bottlenecks originate.However, addressing every new wave of regulations does not have tobe a Sisyphean struggle. Innovations in technology are giving lean teamsthe knowledge and power to efficiently clear even the most complexcompliance hurdles. It’s not the future—they’re doing it today, and youcan too.Here are the three most pressing data privacy compliance issues keepingcompliance officers and general counsel up at night this year, plussome advice on how contract intelligence can help you streamline yourcompliance efforts with confidence. 4Top Data Privacy Challenges for Contract Compliance.Top current dataprivacy contractcompliance challenges.One of the biggest challenges that businesses face in the digital age issafeguarding their customers’ personal data—the information a businesscollects from customers that could be used to identify those customers,from names and contact information to web-browsing habits. If yourbusiness handles so much as a list of email addresses collected througha form on your website, then you’re handling customers’ personal data.Ensuring that your business doesn’t run afoul of data privacy regulationsprotecting that sensitive customer data is not a simple task. The reasonit’s difficult for compliance and legal teams to keep up with data privacyregulations is that many of those laws either are completely new or haverecently been revamped in response to new developments.On top of that, the regulatory landscape is heavily fragmented, withdata privacy legislation recently enacted or in consideration everywherefrom the supranational to the municipal level. Is your business providingadequate data security to consumers to comply with existing regulations?Looking forward, are you aware of all of the prospective legislation onthe horizon?Answering these questions requires taking a step back to make senseof the regulatory landscape. Here are three pressing data privacychallenges that businesses must face today and some guidance on howto get started:1.Adopting the EU’s standardcontractual clauses.2.Keeping up with the states within the U.S.that are introducing new data privacy laws.3.Identifying and mitigating adjacentdata privacy risks. 5Top Data Privacy Challenges for Contract Compliance.Adopting the EU’s standardcontractual clauses.The most prominent data privacy regulation on a global scale is theEU’s General Data Protection Regulation (GDPR). Since the GDPR wentinto effect in 2018, it’s still fairly recent legislation—and the changes it’sprompting are still in progress.Among those changes, the one that’s top of mind for compliance officersand legal counsel around the world is an overhaul of the EU’s standardcontractual clauses (SCCs) for data transfers.What are SCCs?SCCs are model clauses for data processing agreements (DPAs), whichare contracts between data controllers (the parties outsourcing customerdata) and data processors (the parties processing and analyzing it ontheir behalf). If a business collects personal data from customers locatedin the EU and transfers that data to a processor outside the EU, the DPAgoverning that cross-border transfer must use the SCCs as a template.The European Commission created the SCCs in 2001 and added to themin 2010 to promote consistent data protection standards on behalf ofconsumers in the EU.What do SCCs have to do with the GDPR? While the SCCs are data transfermechanisms that guide individual transactions, the GDPR is a b