Of the many worries on privacy compliance teams’ lists as we face the onslaught of state “general” privacy laws are the impacts they have on vendor contracts. Fortunately for those who have already had to deal with contracts with vendors (service providers, processors) in California or EU’s GDPR, the impact should be fairly minimal.
In Colorado, Connecticut, Montana, Tennessee, Texas, Utah and Virginia, contracts are required with entities who process or collect information for the business. What do these laws, collectively, require be in the contracts? The following is a quick reminder:
