How to Manage Supplier Data Protection Compliance

Jul 15, 2021

Working with BHSF to Secure Better Data Protection and Compliance Among Suppliers 

As an organisation with a diverse supply chain, BHSF needed to tighten up data security and reduce supplier risk. Optimising IT was brought in to restructure their supplier review process, identify potential data security risks and make recommendations to promote better regulatory compliance.

The Organisation: BHSF

BHSF is a market-leading not-for-profit organisation that seeks to impact workplace wellbeing positively. Founded in 1873, BHSF has spent over a century developing industry-leading health and wellbeing products and services. Their ultimate goal is to provide innovative ways for employers to help care for their employees.

When BHSF approached Optimising IT, they were looking for assistance with key aspects of their already robust Information Security strategy. Our focus was on delivering security reviews across their supply chain.

The Challenge Faced by BHSF

With a new CIO (Chief Information Officer) joining BHSF with a focus on information security, the non-profit organisation was looking to implement changes to its data protection policy and activities to shore up processes in line with ever-changing regulations and legislation.

Considering the nature of the data held by BHSF, the CIO turned to Optimising IT — a trusted and award-winning managed IT service provider — to design and carry out a comprehensive supplier review, seamlessly aligned with the requirements of the BHSF Information Security Management System.

The Results: What Did We Do?

Going into this project, we knew the importance of a strong cyber security review and how much value we could offer BHSF in terms of data safety and regulation compliance.

According to the Allianz 2021 Risk Barometer, one of the greatest threats to global organisations is cyber security incidents. They identified cyber security breaches as having the same potential for harm to organisations as the COVID-19 pandemic.

Working closely with the Chief Information Officer (CIO) and supplier management team, Optimising IT provided and continues to provide supplier review consultancy and advice. We also have a retained consultancy service to assist BHSF with crucial elements of their Information Security Management System as the organisation grows and changes.

Through our flourishing strategic partnership, we have:

  • Reviewed the information security of over 20 key suppliers across IT, insurance, healthcare and employee benefits
  • Identified that of these suppliers, many required improvements to their security approach before continuing work with BHSF
  • Developed clear and detailed reports providing high-level executive summaries on each review item, including key recommendations, to help stakeholders and management teams make decisions about supply chain engagement.

The Approach: How Did We Do It?

With multiple suppliers to manage and monitor — from employee benefits providers and outsourced IT partners to clinical delivery services — BHSF must be careful that its supply chain does not fall prey to risk management concerns and non-compliance. Such a broad remit of suppliers — many of whom handle sensitive data, including medical information — presents plenty of opportunity for data security vulnerability.

Internally, BHSF already had a strong risk management approach with an ethical basis and wanted to conduct a thorough review process to understand levels of risk within their supply chain.

Our approach was to work with the supply base to make improvements that reduced risk for BHSF and the suppliers. We did this through reporting and detailed summaries.

The report output we produced for BHSF is highly detailed. We reviewed each supplier based on current industry best practices, considering relevant GDPR legislation, supplier size and duties as data handlers. Crucially, the reports also provide a high-level executive summary, including a conclusion of findings, and details on each review item within the report, why the area is relevant to BHSF and key recommended actions for improvement.

BHSF has also used the same reporting as part of its due diligence process for new suppliers and, at times, has ruled out suppliers based on the review results.

Highlights and Key Benefits for Bruton Knowles

Optimising IT continues to offer lasting value to the BHSF security process and data compliance activities. The key benefits of our work together include:

  • Creating a bespoke review framework tailored to BHSF requirements and including current industry best practice
  • Developing highly detailed supplier review reports, including recommended actions in the context of the supplier and services
  • Delivering all activities through our highly skilled CISSP and ISO27001 Lead Auditor consultants
  • Ongoing retained Consultancy as part of our Virtual Information Security Management service

Enhance Your Data Security: Claim Your FREE IT Review

Concerned your data security and compliance activities might be leaving your organisation vulnerable to cyber attacks and compliance breaches? Take your first steps towards a future of strong Information Security by signing up for your FREE IT system review from our managed IT and consultancy experts. Our reviews include a sales-free 60-minute consultation that looks at your organisation and your goals and covers potential opportunities for improvement, as well as a customised roadmap to success.

Why Choose Us

CONSULTATIVE APPROACH, ELEGANT IT SOLUTIONS

Our consultative approach enables us to get to know your business, so we can deliver elegant IT solutions that are cost-effective and in tune with your business needs.

HIGH QUALITY SERVICE, STRAIGHT TO 2ND LINE

Our UK-based Service Desk goes straight to a highly qualified 2nd line support engineer, guaranteeing a quick response and resolving most issues at First Contact. That’s why we’re able to consistently achieve over 78% First Contact Resolution (FCR). This keeps staff downtime to a minimum compared to traditional, slow-to-respond 1st line Service Desk models.

EXPERT TEAM, SEAMLESS INTEGRATIONS

Our commercially focused, highly experienced team understand the importance of seamless integration with in-house teams and delivering a consistent, high standard of service.

MEASURING SUCCESS, KPI DRIVEN

Our services are continually monitored and KPI driven. Our reporting is shared in a collaborative way, guaranteeing transparency and a focus on continued service improvement from a high-quality baseline.

FLEXIBILITY, CO-SOURCE OR OUT SOURCE SERVICES

Our Co-source and Out-source services mean we are flexible in our approach to deliver the appropriate level of support for all our customers.
