The Bay Area Mobility Management (BAMM) hosts an annual event to continue the organization’s motive of “providing leadership, education, and resources as well as programs, events, and networking opportunities for the global mobility and relocation industry and community at large.” The 2018 conference took place in mid-February in San Francisco.
Hank Roth, Associate Counsel at Dwellworks, was invited to speak at the event. The topic he presented was “Protecting Assignee Data throughout the Supply Chain: Where to Begin and the Challenges in Today’s Global Environment.” He was a co-panelist alongside:
In the session, the presenters discussed the challenges and risks of assignee data in the supply chain as applied to corporate HR, third party mobility providers, and destination services providers. Although the topic was complex, the panelists helped break it down by explaining what GDPR is, who is impacted, what steps ensure compliance, and the penalities of being incompliant. Every link of the mobility chain has an obligation to ensure compliance or face dire consequences in the form of substancial financial fines.
Understanding how to store data securely and identify the most helpful tools are essential for professionals in the relocation industry, where the three states of data (see chart below) are highly confidential.
In an age where security breaches are common, it is important to understand how to manage and safeguard your assignees personal information as outsourcing services to third parties continues. The session also helped attendees understand the current issues from country to country, including domestic US, on what can be done to adequately secure information that is passed within the supply chain in order to deliver and administer mobility services. The panel also discussed the General Data Protection Regulation (GDPR) and how this is relevant to all parties in the process: corporate client, RMC, or larger supply chain. The session concluded with an open discussion regarding a best practices approach to safeguarding assignee personally identifiable information (PII).
"Hank did an excellent job of describing the new data laws in a way that all seminar attendees could understand. He stressed the importance of compliance for every service provider when assisting EU transferees." -Andrew Horvath, Dwellworks VP of Global Account Management
The audience had questions about utilitizing APIs to transmit data, the rules for each specific service lines, and others. One question delt with the definition of an European Union "resident" versus a "citizen" (a US citizen on assignment in the EU, for example). The same rules apply for such cases!
Ensuring the secure transmission and storage of transferee data is an essential duty of care task. “Duty of care” is the phrase used to describe the legal obligation of companies to foresee and prevent events that could harm others involved in the business. To read more about duty of care, check out the blog post, Duty of Care: Navigating Political Waters.
Image of Matt Dickerson, Waquas Akkawi, and Hank Roth (from left to right)