GDPR – Compliance with Contract Management

As we all know, from May 2018 data legislation is changing, with the new EU General Data Protection Regulation coming into play.

As we all know, from May 2018 data legislation is changing, with the new EU General Data Protection Regulation coming into play. Organisations will now be required to undergo extra jurisdictional application when processing the data of EU citizens and the implications for businesses are set to be big.

Don’t fear – we’re here to tell you how using supplier and contract management software can help you identify and single out your GDPR-relevant suppliers, ensuring compliance across your contract term with them.

Step One – Identifying GDPR-Relevant Suppliers

The first challenge that businesses face is where, or rather, who do we start with? Even for SMEs, the number of suppliers affected by the GDPR changes can cause a headache. So, at FTSE level, businesses are potentially looking at thousands of suppliers who are handling personal data, data controllers and data processors.

How do you isolate all of those suppliers who need to comply with the changes?

This is where e-sourcing software and contract management software comes in. Offering a systematic way of capturing key information from your suppliers and identifying those who require GDPR compliance, tools such as CF Workflows and CF Analytics give you the chance to obtain and analyse the information you need from them.

How this works is simple. Using e-sourcing software like CF Insight, you can design questionnaires to send to thousands of suppliers at any one time, asking them the questions you need to know when it comes to GDPR compliance. Targeting your strategic suppliers first, you can then use this same questionnaire for any supplier who wants to work with you in the future, giving you a quick and easy way of establishing compliance from the off-set. Once you have the information, data analysis tools like CF Analytics enable you to sift through responses, identify and report on your findings.

Step Two – Gaps in Existing Contracts

Once you’ve identified the suppliers who need to comply with the new GDPR, you need to ensure that the contract between you and the supplier reflects these new expectations. Your business also needs to identify any gaps across your contract data quickly, sending your new contractual terms to all of your GDPR suppliers to ensure compliance across the board.

Again, contract management software has you covered, giving you the ability to review your existing contracts, identify non-compliant gaps and issue contractual changes to suppliers; tracking all activity as you go, so you know exactly what’s happening, when it’s happening. Our contract management software CF Contracts also allows you to manage information using milestone functionality and automated triggers, giving you the tools you need to be confident that you’ll never miss a thing.

Step Three – Compliance

You’ve done it – it’s May 2018, you’ve ensured that your supplier contracts are GDPR compliant and you’re on a roll, but making sure you have a fully compliant supply base is pretty key to keeping on top of GDPR guidelines.

Luckily, our e-sourcing tools and contract management software make this easy, allowing your suppliers to update their company information to take the onus off you, the customer, and shifting responsibility to them: the supplier. Users can set triggers and alerts to control how and when they update information, which also highlights to you when a supplier is singled out for not updating necessary documents.

Alongside this, online KPI management tools like ours let you track supplier performance, singling out any nonconformities through alerts and scorecard technology and even enabling you to rank or tier your suppliers based on a number of factors; providing a holistic view of your supply base and giving you the much-needed assurance that all of your suppliers are GDPR compliant over the term of your engagement.

It’s as simple as that!

We hope this article has been helpful whether or not you are a Curtis Fitch customer. If you already use the Curtis Fitch platform and would like help with your GDPR assurance, please get in touch – we are here to support and guide you throughout this process.

Alternatively, if you aren’t a customer and would like to chat to us about our procurement management software, or simply understand more about best practice, we would love to hear from you. Drop us a line here.