With more organizations focused on cutting costs, outsourcing certain functions becomes an attractive alternative. Your organization may be using outside vendors to assist in tasks that involve handling sensitive data. By doing so, you may be creating an additional vulnerability for the breach of that data.

According to Verizon Communications' investigative response team, more than half of the incidents addressed by the team each year are attributable to outsourcers that process credit card transactions for restaurants and retailers. In addition to credit card processors, customer call centers, web developers and content providers and data backup service providers are among the sources of data breaches for the companies that hire them. Such outsourcers (and, in particular, their disgruntled employees) are often targeted by identity theft perpetrators.

Using outside vendors requires additional diligence on the front end in order to protect your organization from this additional vulnerability. What should you do? Limit the types and amounts of information made available to outside vendors to what is essential to complete their tasks and make sure that your contractual arrangements with outside vendors are drafted to protect your organization as fully as possible in the event of a data breach. For an article with more information about the Verizon team's findings, go here.

For more information about legislation or litigation involving technology, intellectual property protection of information technology assets or any other Information Technology law issue, contact your Miller Canfield attorney or Kathy Ossian, Leader of our Information Technology Team, or call her direct at 313.496.7644.