External IT Provider / Managed Service Providers

Barry Salmon made this Freedom of Information request to Birmingham City Council

This request has been closed to new correspondence from the public body. Contact us if you think it ought be re-opened.

The request was successful.

Dear Birmingham City Council,

1) Do you use an external IT service provider/Managed Service Provider (MSP)?

Yes

No

2) Does your provider/MSP serve as a processor of your Personally Identifiable Information (PII)?

Yes

No

If No, thank you for your time.

If Yes, please see below

3) If yes, does your contract/service level agreement (SLA) with the provider(s) have clear provisions for the allocation of responsibilities in the event of a data breach?

Yes

No

4) Have you revisited your original contract(s) to ensure compliance with the General Data Protection Regulation (GDPR)?

Yes

No

5) Does the contract/SLA define the time frame in which a security breach at the provider must reported to you?

Yes

No

6) Do you have policies in place for privileged account management?

Yes

No

7) Has your organisation/service provider/MSP suffered a data breach involving your organisation’s PII in the last 12 months?

Yes

No

8)If yes, how long did it take for them to notify you?

<30 mins

31 mins – 1 day

1 – 2 days

2 – 3 days

More than 3 days

Yours faithfully,

Barry Salmon

Birmingham City Council

1 Attachment

 
 
 
 
Information request
Our reference: 1931533
Your reference: [FOI #497661 email]

show quoted sections