When we think about third-party management, we often think of due diligence. The Department of Justice Fraud Section’s new compliance and ethics guidance, the Evaluation of Corporate Compliance Programs, only mentions due diligence one time. The Evaluation contemplates a holistic, ongoing approach to third-party management in which the process is integrated into other functions, such as procurement.
In this episode, Eric talks about three key takeaways from the Evaluation of Corporate Compliance with regards to organizations’ relationships to third-party. He looks at what a holistic approach to third-party management looks like, how to create management processes that integrate other business functions, and how to build a risk-based process that effectively identifies risk and responds to it.
With an extensive employment litigation practice, Tedrick practices in the rapidly developing legal world of data security and privacy. Tedrick serves as a leader of Lathrop & Gage’s work on data privacy, website terms of service, data security and data breach issues. He assists clients with the technological, logistical and legal issues arising from the loss or disposal of personally identifiable information and personal health information. Tedrick is a frequent presenter on data privacy and security, social media, employment law and the workplace.