While privacy management software is an invaluable tool for the privacy office, procuring the right solution from the right vendor can be a time-consuming process. In the last several years, the market has been flooded with providers offering myriad solutions to accommodate a diverse set of needs.
When evaluating privacy compliance software, there are three categories:
1) Legal Research Software: Develops a deep understanding of privacy compliance obligations.
2) Privacy Office Support Software: Builds and maintains a privacy program that demonstrates ongoing compliance.
3) Privacy Management Software: Automates complex or high volumes of privacy management activities.
Recently, we released a comprehensive Privacy Compliance Software Buyers Guide. The guide is an exciting, practical resource filled with an unprecedented amount of detailed information on all three categories of privacy software. The guide also contains a great deal of information on how to choose the right vendor to suit your organisation’s needs.
How to Choose the Right Vendor: 12 Key Factors
When selecting a vendor for privacy software, there are a number of vendor attributes that should be taken into consideration:
1) Demonstrable Privacy Expertise
Does your software provider have demonstrable in-depth knowledge of privacy? How long have they worked in this field? Your chosen vendor should have full-time dedicated employees, and should have published thought leadership materials to share with you. These materials may include proprietary frameworks and methodologies, as well as additional topical content.
How many law firms rely on your vendor’s content? A trusted vendor will be able to prove the accuracy of their materials through the history of their clientele.
3) Customer Success
In order for your implementation to succeed, your organisation will need access to comprehensive training and support. Ensure that your vendor has a full-time, dedicated team of privacy professionals to support the software solution, who are available to assist your privacy office.
4) Track Record
How many years has your vendor been operating in the field of privacy management? How many employees do they have on their team who have been working with them for longer than 10 years? A long history can be an excellent indicator of a sustainable future. And in building a privacy management software solution into your privacy program, you’ll want to ensure that you can use the platform for the long-term.
5) Regulator Research and Reporting
Does your provider have a demonstrable history of working with regulators? In order for this history to hold water, you’ll need to ensure that the vendor has done more than simply republish regulator materials, but instead has been involved in projects that benefit the regulators, the regulated, and also the data subjects. It is always a good indicator if the vendor has former senior regulatory privacy experts working at the company.
6) Customer Loyalty
Ensure that your software vendor is able to provide a list of long-term customers who have renewed for several years in a row. Customer loyalty is a key indicator of the platform’s effectiveness.
Consider what kind of maneuverability you may have in the future with this vendor. Do they insist on locking you into a long-term contract right out of the gate, or do they provide an easy migration path to other vendors in the event that you are dissatisfied?
Setting an intention for your privacy program is essential in reaching your goals for compliance. In this respect, it is critical to ensure that your software provider shares the mandate of your privacy office.
9) Law Firms and Consulting Firm Partnerships
It takes a village. And in purchasing a privacy management software solution, your privacy office should also be granted access to your vendor’s associated law and consulting firms for added support. Ensure that your vendor has special licensing to allow customers to easily work with these partners.
10) Global Focus
Does your vendor focus only on the GDPR, or do they provide knowledge of privacy compliance across all jurisdictions? While GDPR is important, there are many other privacy laws that you will need to comply with, and many more changes to existing laws coming in the future. Choose a vendor who can provide support across multiple legislations.
Has the vendor been preparing to support its customers since the GDPR was first announced in January 2012? While the GDPR is new, much of its original form is still intact. Vendors who have been studying the regulation since its inception will provide superior subject matter expertise to those new to the topic.
12) Works with Regulators
Ensure that your provider has been working with, and gaining intelligence from privacy regulators. This implies that they have an understanding of what regulators consider to be important, and that they take this into consideration in building the solution. For instance, the solution should feature functions built in to satisfy regulator needs and expectations.
About the 2018 Privacy Compliance Software Buyers Guide
The Nymity 2018 Privacy Compliance Software Buyers Guide has been developed to help a privacy office navigate the three different types of software, and best decide where to invest in order to mitigate risk, build accountability, and achieve ongoing compliance.
The Buyers Guide will:
- Assist in assessing when software would be beneficial and provide a return on investment
- Provide example criteria for comparing different software solutions, or when creating an RFP
- Help you to build a business case for acquiring the solution
To download the Buyers Guide, click here: