External IT service provider/Managed Service Provider (MSP)
Dear Sunderland City Council,
1) Do you use an external IT service provider/Managed Service Provider (MSP)?
Yes
No
2) Does your provider/MSP serve as a processor of your Personally Identifiable Information (PII)?
Yes
No
If No, thank you for your time.
If Yes, please see below
3) If yes, does your contract/service level agreement (SLA) with the provider(s) have clear provisions for the allocation of responsibilities in the event of a data breach?
Yes
No
4) Have you revisited your original contract(s) to ensure compliance with the General Data Protection Regulation (GDPR)?
Yes
No
5) Does the contract/SLA define the time frame in which a security breach at the provider must reported to you?
Yes
No
6) Do you have policies in place for privileged account management?
Yes
No
7) Has your organisation/service provider/MSP suffered a data breach involving your organisation’s PII in the last 12 months?
Yes
No
8)If yes, how long did it take for them to notify you?
<30 mins
31 mins – 1 day
1 – 2 days
2 – 3 days
More than 3 days
Yours faithfully,
Barry Salmon
Re: Your request for information concerning:
External IT service provider/Managed Service Provider (MSP)
The Council aims to provide available information promptly and in any
event within 20 working days, unless, exceptionally, there is a need to
consider whether the information is exempt from disclosure.
I will contact you again soon in connection with your request.
Please quote the reference below if you contact the Council regarding this
request.
Customer Request Number: 18 07 68
[1]cid:image001.jpg@01D3FCC2.ACA7A800
[2]cid:image002.jpg@01D3FCC2.ACA7A800
Hello,
Thank you for your recent Freedom of Information Request, which you
submitted to Sunderland City Council. We have now assessed the request and
created the attached response for your attention.
Regards,
[personal information removed]
Technical Team Manager (Customer Support)
Corporate Services
Sunderland City Council
[1]www.sunderland.gov.uk
[2]Sunderland-City-Council-Logo
[3][IMG]
[4][IMG] [5][IMG]
Confidentiality: this email and its attachments may contain confidential
and privileged information. If you are not the intended recipient, please
inform the sender by return email and destroy all copies. Unauthorised
access, use, disclosure, storage or copying is not permitted.
For information about how we collect, use, share and retain your personal
data, visit: [6]https://www.sunderland.gov.uk/data-prote.... Any email
including its content may be monitored and used by the Council for reasons
of security and for monitoring internal compliance with policy. Email may
also be disclosed in response to a request for information, unless exempt
under access to information legislation. Please be aware that you have a
responsibility to ensure that email you write or forward is within the
bounds of the law.
The Council cannot guarantee that this message or any attachment is virus
free or has not been intercepted and amended. You should perform your own
virus checks.
References
Visible links
1. http://www.sunderland.gov.uk/
3. https://www.sunderland.gov.uk/
4. https://en-gb.facebook.com/sunderlandcit...
5. http://twitter.com/sunderlanduk
6. https://www.sunderland.gov.uk/data-prote...
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now