I recommend proper legal advice in regard to contracts.
Current experience suggests that many DPs have not yet woken up to the fact that they will have accountability and responsibilities and liabilities under GDPR. When they do, they will want those to be reflected in the cost of the service they provide (if not, they are, at best, being foolish). If the contract is typical, GDPR will provide them with a reason to renegotiate ('change in legislation').
M
> On 15 Feb 2017, at 10:56, stephen Lemon <[log in to unmask]> wrote:
>
> Good morning everyone
>
> I'm just wondering what sort of work you are all doing around contracts with GDPR around the corner.
>
> Do you have any concerns?
>
> I work in the NI Civil Service and as such myself and a colleague are working with the 9 Government departments, Public Prosecution Service and Public Record office to help them implement GDPR in a corporate way (well as much is as possible).
>
> contracts is one of the issues that has came up in our initial discussions and I think either ICO or Article 29 are due to publish some guidance on this.
>
> we see a couple of issues, don't know if you agree.
>
> Current contracts that continue past 25.5.18
>
> New contracts being procured now that will continue past 25.5.18
>
> New contracts procured after 25.5.18
>
> what we have agreed to do is carry an audit across all 11 organisations mentioned above to firstly identify which contracts involve the processing of Personal Data and Sensitive Personal Data.
>
> at that point we will no how big our "issue" is.
>
> our current contracts tend to have very bland, generic DPA clauses - i.e. you agree to comply with the DPA.
>
> Do you think in the GDPR world, saying you will comply with GDPR would cut it? or would it need to be a lot more prescriptive?
>
> the other concern about current contracts is that there are obvious differences between DPA and GDPR and that Data Processors have a lot more responsibility.
>
> there are other concerns to but I'm interested to see how other organisations are approaching this.
>
> we've had initial discussions with our procurement people who don't seem that concerned and they take their guidance from Cabinet Office, which I find a concern in itself.
>
> Happy to discuss on list or off list - just to see
>
> I think we're on the right track initially, its the bit after this that is the concern i.e. do contracts need to be renegotiated?
>
> we'll be seeking advice from our solicitors as well.
>
> thanks I advance
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|