Confronting the challenges of vendor management in biometrics
Data protection should be a key part of ongoing supplier governance, which could include monthly meetings with vendors. By Emma Erskine-Fox and Gareth Oldale of TLT.
The use of biometric products and solutions poses myriad privacy challenges for organisations looking to implement this technology into their businesses. Key among those challenges is vendor management; building in biometric processes will inevitably require the use of third party suppliers to provide the technology that processes the biometric data. Working with these vendors may mean that organisations lose day-to-day control over the data, but the accountability obligations in the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DP Act) mean that the bulk of the data risk still sits with the organisation.