Debra Bromson, K Royal, Ashley Slavik, Margaret Gloeckle, Michael Wade

AM Workshop

Third Party Providers, First Party Risk: How to Effectively Manage Vendors in a Rapidly Changing World

With the new and upcoming privacy laws driving responsibility for data protection throughout the data lifecycle and out to third parties, vendor management is increasingly more complex. Even within vendors, a company must now consider the circumstances and limitations on the use of data in order to properly classify them. Businesses need to know where liability starts and ends, where details may break a relationship, and how to demonstrate compliance and perform due diligence to avoid potential negligence or unintended consequences. Join us for a thorough workshop to learn how to manage vendors under a variety of circumstances and legal regimes. We will provide checklists, definitions, methods to implement, contractual language and approaches, and negotiation tactics.

Some topics we will cover:

  1. Definition – how to classify your vendors
  2. Due diligence – what you need to know about them
  3. Battle of the forms – what doc will be in place
  4. Tips for negotiating under CCPA – how to get your vendors to agree in a global landscape


Debra Bromson, Assistant General Counsel, AAA Club Alliance
K Royal, Associate General Counsel, TrustArc
Ashley Slavik, Chief Privacy Officer & Lead Data Counsel, Veeva Systems Inc.
Margaret Gloeckle, Vice President, Privacy & Compliance Counsel, A+E Networks
Mike Wade, Chief Technology Officer, Planet Data


Ashley Slavik
Ashley Slavik

Chief Privacy Officer & Lead Data Counsel
Veeva Systems

Debra Bromson

Data Privacy & Cybersecurity Attorney

K Royal
K Royal

Lead Privacy Counsel

Maggie Gloeckle

Chief Privacy Officer
HP Enterprises

Michael Wade
Mike Wade

Chief Technology Officer
Planet Data