Expert Advice Community

Guest

No data security clause in existing employee and commercial contracts - should we send an addendum to all contracts?

  Quote
Guest
Guest user Created:   Sep 11, 2020 Last commented:   Sep 11, 2020

No data security clause in existing employee and commercial contracts - should we send an addendum to all contracts?

I have assumed that it is recommended to have a clause referencing data security in employee and commercial contracts with suppliers and clients.

We therefore have an action to create a new standard contract for employees, suppliers and clients to include the new data security requirement.

However, my question is, what is the recommended approach for existing employees, suppliers and clients who’s contracts do not include the necessary data security clause. Should we be sending an addendum to the contracts? Is it recommended that we do this as part of our ‘treatment’ action on the data security risk that employees, suppliers and clients alike pose to our business.

0 0

Assign topic to the user

Assign

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

ISO 27001 DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Rhand Leal Sep 11, 2020

Any treatment action to be taken about the current contracts will depend on the results of risk assessment (i.e., there are relevant risks which treatment can be made by making an addendum to the contracts? To which contracts this will be applicable) and applicable legal requirements (e.g., laws or regulations may require such addendum to be made).

Most probably you will need to send an addendum to some or all the contracts, but you need to decide that based on risk assessment and applicable legal requirements. This is the whole idea about adopting an information security management system (you have factual information and clear impacts about doing nothing to decide what to do).

For further information, see:

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Sep 11, 2020

Sep 11, 2020