This is the multi-page printable view of this section. Click here to print.
Third-Party Data Sharing Policies
1 - Vendor Management
- Vendor Selection Criteria: Evaluate data security track records and compliance.
- Security Standards: Enforce high-level security requirements in contracts.
- Contracts and Agreements: Restrict vendor usage of data to legitimate operational requirements.
2 - Data Sharing Consent
- User Authorization: Obtain explicit opt-in preferences for external data transfers.
- Opt-Out Mechanisms: Permit withdrawing or limiting specific vendor access.
- Data Minimization: Share only fields essential for service functionality.