LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Outsourcing question (international 3rd parties)...
From:	Pilar McAdam <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Mon, 24 Aug 2009 12:30:22 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (58 lines)

Earl raises a really good point.

At my prior company, which did a lot of contracting with the US
Government, exposing proprietary, confidential or otherwise restricted
technical information to non-US persons was an enormous "no-no", subject
to substantial fines and possible prison terms. There were standard
terms & conditions that my company inserted into all subcontracts
(whether for services or manufactured goods) that required that no such
exposure take place. This included thinking about how any paper records
might be recycled (possibly exposing the contents of such documents to
viewing by others).

The exposure of personally identifiable information (PII), including
outside of the US, is something that I think hasn't been adequately
addressed or considered, particularly in the frenzy to take advantage of
lower labor costs in other countries. There's often more rapid turnover
of personnel at these companies, and the ability to control or prosecute
misuse of PII in other countries is something I don't know much about.
I do know that at my prior company they were actively putting pressure
on suppliers to assume at least partial liability for any data breaches
that happened while information was in their custody (or in the custody
of their subcontractors/suppliers).

I'd be interested in seeing any contract language that folks would be
willing to share that addresses these issues. Wouldn't it be wonderful
if there were some standards available for this kind of thing? If
anyone knows of such standards, please share with the rest of us!

Pilar C. McAdam, CRM
Director of Legal Information Systems
Sheppard Mullin Richter & Hampton LLP
[log in to unmask]

--------------------------------------------------------------------------

Pilar C. McAdam, CRM
Director of Legal Information Systems
333 South Hope Street
48th Floor
Los Angeles, CA 90071-1448
[log in to unmask]
Direct: 213.617.5417
Fax: 213.443.2703

Circular 230 Notice: In accordance with Treasury Regulations we notify you that any tax advice given herein (or in any attachments) is not intended or written to be used, and cannot be used by any taxpayer, for the purpose of (i) avoiding tax penalties or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein (or in any attachments).
Attention: This message is sent by a law firm and may contain information that is privileged or confidential. If you received this transmission in error, please notify the sender by reply e-mail and delete the message and any attachments.
http://www.sheppardmullin.com/
--------------------------------------------------------------------------

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US