Anybody who thinks he or she can shovel IT compliance problems off to a service provider is in denial. This was a topic of presentation at the recent META Group outsourcing conference.
And it\’s surfacing lately in articles, such as this one on Silicon.com. In “You can\’t outsource email compliance headaches,” a lawyer states the case simply. According to Simon Briskman, a partner at law firm Olswang, agreed: “You can\’t outsource your regulatory obligations. What you can do is outsource functions. But if [the outsourcer] fails, you\’re liable.”
If you\’re in the client firm, you\’d better make sure you understand your own compliance issues first. Then you\’ll be in a position to tell your service provider what it needs to do to keep your organization legal.