So here is a question that we have been talking about. We use a software solution to parse emails and then send them on to the CRM. Once the data gets into our hands, the data is secure. We encrypt everything between the email parse and the CRM.
At what point does the burden of responsibility fall on us? If Cars, Car Gurus, Autotrader etc. doesn't secure the data sent to our email parsing platform, does that fall on me, or am I only responsible for the data once it is in my hands? My understanding is that it is on me all the way upstream, but I don't know how to guarantee the safety of the data before it gets to me. I understand the bottom line is that Safeguards will say "if they don't comply then don't do business with them". Ya right.