The next UKUPC webinar will be led by APUC and is open to all members of UKUPC.

Data Controllers are accountable for the personal data they process, including their use of third-party Processors. To put this in context, colleges and universities are Controllers for most - if not all - of their data, for example processing student data using a management information system (MIS) or staff data using a payroll system. Most of these platforms are provided by third-party Processors. However, the procurement process does not always delve into the data protection details of vendors. Who ensures that vendors comply with data protection law? How can this be achieved? And what happens when a vendor does not comply and the service is procured anyway?

The recent Ticketmaster UK case is a masterclass in the importance of Processor due diligence, where, following investigation by the regulator, Ticketmaster UK, as the Controller, were investigated due to a Processor security breach, resulting in the regulator fining them £1.25 million.

Join us to hear how data protection and procurement professionals can work together to avoid such scenarios by providing our customers with compliant solutions, where we will discuss data protection and procurement processes, touchpoints and lessons learned from the Ticketmaster UK case.

Presenters:

Michael McLaughlin, Head of Category - Information Services (APUC)

Mairead Wood, Head of Service – DPO-Share (HEFESTIS)

James Nock, Data Protection Officer - Universities of Highlands & Islands (HEFESTIS)

Book here