Stephen Reynolds Quoted in Compliance Week: "DoorDash Data Mishap Showcases Hazards of Third-Party Vendors"

Ice Miller LLP partner Stephen Reynolds was quoted in the Compliance Week article, "DoorDash Data Mishap Showcases Hazards of Third-Party Vendors."

The article included: 

“Oftentimes in situations involving a breach and a third-party service provider, there are disputes over who is responsible and the degree to which one party is more responsible than another,” said Stephen Reynolds, a partner at the law firm Ice Miller. “While I do not know the specifics of this instance,” he continued, “it is possible that if DoorDash named a third party as responsible, that third party would respond with finger-pointing of its own.”

No matter how the DoorDash mishap is labeled, it serves as a reminder to monitor third parties. “Oftentimes companies overlook or fail to appreciate the security risks posed by third-party vendors,” Reynolds said. “Doing due diligence with regards to these vendors and drafting contractual language that imposes specific data security obligations on vendors can mitigate some of the third-party vendor risk,” he explained.

“Third-party vendors continue to pose a threat of data security incidents, and it is typically the consumer-facing company that bears the brunt of the publicity—even if the vendor is at fault,” Reynolds said.

Click here to read the full article.