Choose Site

With the world in various states of lockdown, your organization’s online presence is more important than ever…even more so with official enforcement of CCPA beginning last month. It may be a good time to spend an afternoon reviewing and updating the legal boilerplate on your organization’s website. Here is what we recommend for a basic three-part review to get you started:

  • Privacy Policy. Many clients updated their policy earlier this year to reflect changes required by CCPA. If you fall into this category, then ensuring that the proper version of your privacy policy is reflected on your website, typically in the footer, is a good idea. You would be surprised to know how many clients update their policy, but then fail to actually post the correct version publicly. If you did not recently review your privacy policy, it may be a good time to do so. In addition to seeking advice on changes recommended in light of CCPA, it is also good hygiene to pull the policy and give it a fresh read. Has your organization’s collection practices changed? Has your organization began using or disclosing data differently than it has in the past? A privacy policy only protects your organization to the extent that it is accurate and complete, so periodically spending an hour or so to ensure its accuracy is typically time well spent.

Procurement outsourcing is hot. And, really, what is the downside? Committed savings on identified spend that may not have otherwise been captured and realized (and hopefully offsetting and well exceeding any procurement outsourcing fees). Procurement outsourcing is a great business proposition and can be a win for a company if it picks a service provider that can deliver and it has strong contract protections that enable "guaranteed" savings. Four factors that we have seen lead to a successful deal are good (1) sourcing and category management strategies, (2) contract collection and vendor management, (3) benchmark data and buying leverage, and (4) success metrics that are accurate and measurable.

A recent article in CIO magazine highlights the potential security risks posed by using USB thumb drives. The premise of the article—that the firmware in these devices is generally not protected and can be replaced with malware that can infect your systems—sends chills down the spine of the risk-adverse lawyers and sourcing professionals involved in negotiating IT services contracts and associated security requirements.