惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Troy Hunt's Blog
L
LINUX DO - 最新话题
C
Check Point Blog
T
Threat Research - Cisco Blogs
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
罗磊的独立博客
V
Vulnerabilities – Threatpost
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
J
Java Code Geeks
Apple Machine Learning Research
Apple Machine Learning Research
大猫的无限游戏
大猫的无限游戏
S
Security @ Cisco Blogs
IT之家
IT之家
T
The Exploit Database - CXSecurity.com
The GitHub Blog
The GitHub Blog
D
Docker
Engineering at Meta
Engineering at Meta
AWS News Blog
AWS News Blog
S
Security Affairs
U
Unit 42
P
Palo Alto Networks Blog
V
Visual Studio Blog
Y
Y Combinator Blog
D
DataBreaches.Net
Forbes - Security
Forbes - Security
阮一峰的网络日志
阮一峰的网络日志
美团技术团队
Security Latest
Security Latest
aimingoo的专栏
aimingoo的专栏
Simon Willison's Weblog
Simon Willison's Weblog
A
Arctic Wolf
博客园_首页
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Hacker News: Front Page
博客园 - 司徒正美
博客园 - Franky
宝玉的分享
宝玉的分享
TaoSecurity Blog
TaoSecurity Blog
Latest news
Latest news
Scott Helme
Scott Helme
MongoDB | Blog
MongoDB | Blog
量子位
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
C
Cisco Blogs
P
Privacy International News Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog

Latest blog posts

Finding Solutions for Data Bias | Demyst Using Snowflake for External Data Deployment | Demyst 5 Hurdles Facing New Financial Products | Demyst The What, Why, and How of External Data | Demyst Fast Company Recognizes How External Data Can Change the World | Demyst 5 Checks for Flagging Fraud Risk | Demyst External Data’s Tipping Point | Demyst OpenCorporates Spotlight: Data Transparency Deep Dive | Demyst Looking Ahead: High Expectations, Low Margins for Error | Demyst How Lenders and Insurers Can Use Geolocation Data | Demyst Assessing Driver Risk Without Using Credit Scores | Demyst Digital Footprints for ID Verification | Demyst Layered Solutions to Fight SMB Lending Fraud | Demyst Global IDV Workflows Demand Multi-Source Solutions | Demyst Fintechs: Drifting into Compliance Failure? | Demyst Penalties Mount for Marketers Using Toxic Data | Demyst Assess Insurance Risk with Property Data | Demyst Application Prefill: A Digital Reality | Demyst Demand for ESG Data is Accelerating | Demyst Demyst’s Entity Resolution: Multi-Source Recipes | Demyst Verifying Phone Numbers Is Key for the BNPL Vertical | Demyst Game Changer: Demyst’s Entity Resolution Tech | Demyst Social Inflation Raises Courtroom Risks | Demyst Expecting the Unexpected | Demyst Meet Demyst at AWS re:Invent 2021 | Demyst External Data Addresses Crypto Regulations | Demyst Supply Chain Risk Management | Demyst Collaboration with AWS Data Exchange | Demyst Improving Trust on Managed Platforms | Demyst Risk Management: Diving Deeper | Demyst Assess Risk with Crime Data | Demyst The Risk Equation for Online Transactions Has Changed | Demyst Data Decay: An Ongoing Issue | Demyst The Increasing Responsibilities of Non-Bank Lenders | Demyst Mitigating Fraud with Social Media Data | Demyst Pandora Papers Pierce the Veil | Demyst What Constitutes ESG Data? | Demyst Demand for BNPL services is growing exponentially...data is the enabler. |… Residential Property Data For Marketing Decisions | Demyst Liens: Key Risk Assessment Indicators | Demyst Looking Beyond Registry Details for U.S. Businesses | Demyst Synthetic Identities, Genuine Fraud | Demyst Business Judgment Monitoring Made Frictionless | Demyst External Data Insights for the Insurance Industry | Demyst Going Deeper than Tax Assessor Data for Marketing | Demyst Addressing Data Decay in Phone Numbers | Demyst Leveraging External Data to Address Rising Compliance Costs | Demyst How to Verify a U.S. Person’s Address | Demyst Automating Due Diligence Processes with Business Website Lookup | Demyst Inspecting the Dots: Common Checks to Spot Fraudulent Businesses | Demyst Mind the Gap in Local Property Records | Demyst State Regulators Set External Data and Model Monitoring Requirements | Dem… Mitigating Marketplace Onboarding Risk With External Data | Demyst Warning Signs in Small Business Insurance | Demyst Climate is Changing and So Must Insurance | Demyst How are Commercial Insurers Adapting to Climate Change? | Demyst Untangling Merchant Chains of Ownership with UBO Data | Demyst Demyst raises A$33m and announces plans to IPO | Demyst Digital Fraud Attempts Have Risen By 150% | Demyst A new report suggests 79% of businesses will forsake some growth for incre… It's flood season! In response, FEMA is incorporating new external data in… Millions of PPP dollars went to fake farms in the Carolinas...could it hav… Litigation analytics is taking off...what data is available and what are t… Enterprise Litigation Analytics Data Landscape | Demyst B2B intent data is powerful...but third-party cookies are going away soon.… Assessing business intentions....with intent data | Demyst Privacy policies for geolocation data are changing....what will be the imp… Data Landscape - Global Mobility Data | Demyst DemystData Announces Collaboration with AWS Data Exchange to support exter… Emerging Small Business Use-Cases with Geolocation Data | Demyst HazardHub Data Spotlight: 900+ attributes to describe and assess a propert… Demyst Recipe: Getting Business Registration Details from Multiple Data So… Launching the Demyst Webinar Series | Demyst Why establish FinCrime data middleware? | Demyst Know more. Do more. | Demyst Predicting Customer Trajectory with External Data | Demyst Demyst and Harbor Point Analytics partner to bring external data to the In… Leveraging External Data to Identify "Breakout SMBs" | Demyst Dynamic Fraud Mitigation | Demyst Swimming Pools, Trampolines, and Now What | Demyst Automating CARES Act Payroll Verification | Demyst Who knows their County FIPS code anyway? Say hello to Zip code based Covid… Examining consumer behavior during COVID-19 using near real-time consumer … Assessing Covid Supply Chain Risks with External Data | Demyst A message from the Demyst team | Demyst
Vendor Due Diligence for Data Privacy | Demyst
Demyst Team · 2022-02-22 · via Latest blog posts

Companies that want to become data-sharing masters must manage that data carefully. When performing due diligence on a new data provider, it’s not enough to review representations and warranties while hoping for the best — Chief Data Officers (CDOs) must ask detailed questions to understand how external data sources operate. 

There are five key areas to consider when reviewing data providers.

Sourcing Practices 


Find out whether a provider has automated processes in place for collecting data, and understand their policies and practices for automation.
 

The provider may be using government records, publicly available sources, third-party records, or information collected from individuals, which each have their own implications for managing consent and implementing privacy policies. 

Even publicly available data can provide sensitive personal information that may be subject to regulatory oversight. Ask whether providers regularly receive data subject requests and whether and how they are prepared to respond to them. 

Lawful Purpose


Consent processes may be influenced by the data provider’s
lawful reasons for processing personal data. Whenever a provider claims that its collection of personal data is supported by a lawful reason, then that claim should be reviewed. 

Consent Policies


If a provider’s lawful basis for processing personal data is based on consent, Ask questions to examine that process: 

  • Is the consent language clear — does the provider explain what they are collecting and sharing and why?
  • Has the provider clearly described an individual’s legal rights under relevant jurisdictions?
  • Do individuals actively provide their consent, or is consent assumed by default? Do individuals need to take additional steps to prevent their data from being collected?
  • Can an individual withdraw consent, and how does the provider respond to that request?

The actual mechanisms for acquiring consent also matter. Individuals should give consent freely and affirmatively, after being informed of their rights, as opposed to assuming that they have given consent based on their participation in a survey or registration for a service.

When data providers are reviewed for inclusion in the Demyst platform, the main considerations are whether consent was obtained, whether that consent was informed and freely given, and what process was used to obtain it. 

Reviewing and Renewing Relationships


Data privacy regulations are continuing to be updated, and due diligence needs to be an ongoing process that responds to these regulatory changes. And data providers should be able to explain how they are adapting their business processes to comply with changing regulations.

Any company onboarding new data sources must not only inspect the provider’s current data collection practices, they must also review those practices at regular intervals in the future. 

Data Supply Chains


When a data provider aggregates data from other sources, or relies on other organizations to collect its data, then those collection practices should be considered.

It may not be possible to trace collection practices all the way back to the source of the data, but asking a provider about its own due diligence processes can reveal unexpected risks in the data supply chain. 

This Is No Substitute for Legal Advice


The due diligence process will be different for each data provider; data privacy regulations involve too many variables for a simple checklist. Extra care is necessary when dealing with topics like sensitive personal information, criminal information, and information pertaining to children. 

Ultimately, companies onboarding new data providers will need to make their own risk assessments after receiving legal advice from qualified attorneys. And they will need to update those risk assessments as their business relationships continue. 

This is what the future will look like for external data — any organization that wants to benefit from greater insights data must either make substantial investments in data capabilities or work with a partner who already has those capabilities. 

The Demyst platform works with data providers that meet stringent qualifications while reducing the friction associated with external data procurement, testing, and deployment. Certified providers in the Demyst data ecosystem are asked more than 150 questions for a detailed understanding of their privacy policies. 

Browse the catalog to learn more about the data sources available through Demyst.