Pillsbury - Global Sourcing Practice (JD Supra United Kingdom)

In what is a challenging sector—especially following recent revelations over “secretive” government-awarded post-Brexit contracts—the UK Government recently issued new guidance on outsourcing aimed at improving government procurement and delivering better public service.

The Fourth Industrial Revolution is the term coined by Klaus Schwab, the founder and executive chairman of the World Economic Forum, to describe the fourth major industrial era since the first industrial revolution which took place in Europe and America in the 18th and 19th centuries.

Those of us who have been grappling with how best to approach GDPR compliance in outsourcing and other commercial contracts will be all too familiar with Article 28 of the GDPR, which sets out a number of minimum contract requirements. These build on the limited obligations that existed under the existing regime but also include some significant enhancements to the minimum processor obligations...

The UK Government has published a statement of intent containing details of its proposed Data Protection Bill. The full text of the Bill is expected in September 2017, when the UK Parliament returns from its summer break. The Bill will enshrine the EU General Data Protection Regulation (GDPR) into UK domestic law.

Pharmaceutical and Life Sciences companies operate in a demanding environment and face diverse challenges such as pricing pressure, increased regulatory requirements and mounting costs. With this backdrop, they have, starting with non-core functions, such as IT, facilities management, finance and human resources, before moving to secondary core functions, such as research and development,...

A number of major carriers have suffered high-impact IT events in the past several months. Estimates of losses in these cases have exceeded £100m. This is on top of (no doubt significant) remedial costs, reductions in share price and reputational damage. Such high-impact events are, in theory, unlikely to occur—the result of a series of unlikely events which when taken together have a...

The FCA has fined Aviva, the UK insurance group, £8.2 million for failing to have appropriate controls over its outsourced service providers. According to the FCA’s press release, the fine would have been even larger at £11.8 million but for a 30% discount due to Aviva for agreeing with the FCA to settle at an early stage.

The UK’s financial services regulator, the Financial Conduct Authority (FCA), has recently published summaries of the responses it received to a Call for Inputs (CfI) on the use of big data in the retail general insurance (GI) sector as well as outlining its responses to the issues raised. Insurance companies, which are increasingly using big data (gleaned from social media, loyalty cards,...

July 7, 2016, saw the UK’s Financial Conduct Authority (FCA) publish fresh guidance in order to clarify the requirements which apply to the financial services firms it regulates when outsourcing to the cloud. When the FCA talks about the cloud, it is referring to the full range of cloud solutions which have evolved (such as private, public and hybrid cloud) as well as the various “X as a Service”

According to Theresa May, the UK’s recently installed prime minister, Brexit means Brexit. But what this actually means in practice is still unknown. There is still a huge amount of debate over what Brexit will look like, what process should be followed and how long it will take. Some commentators, such as Michael Dougan, Professor of European Law at the University of Liverpool, have suggested...

In case you missed it, the Great British public caught the world off guard when, on 23 June 2016, a small but significant majority voted in favour of the UK withdrawing from the European Union. Much like the termination of an outsourcing agreement without detailed exit provisions and a well worked out plan, the decision has sparked political and economic chaos, as the UK is plunged into a period...

As the range of technology employed by the UK's leading banks widens, the balance between cost-effectiveness and manageability of solutions becomes increasingly difficult to strike. Mike Pierides (Partner) and Rich Jones (Associate) from law firm Pillsbury examine some of the challenges banks face in sourcing the technology they need to stay competitive.

A recent survey of over 1,200 of the top mobile apps in 19 countries by the Global Privacy Enforcement Network ("GPEN") has found that 85% of the apps reviewed were non-compliant, failing to provide even the most basic privacy information to users.

In July, the Financial Conduct Authority (FCA - the financial regulatory body in the United Kingdom) issued a paper titled "Considerations for firms thinking of using third-party technology (off-the-shelf) banking solutions" (the Considerations).

The UK financial services regulator, the Financial Conduct Authority (FCA), has launched a guidance consultation in order to clarify and confirm its approach to the supervision of financial promotions in social media, including the use of character-limited forms (Examples of character-limited formats are Twitter (which limits tweets to 120 characters) and Vine (which limits videos to six-second...

Ofcom has published a call for input, entitled "Promoting investment and innovation in the Internet of Things", regarding issues that might affect the development of the emerging Internet of Things (IoT) sector in the United Kingdom. Ofcom is the UK's independent regulator and competition authority for the UK communications industry. It regulates the TV and radio sectors, fixed line telecoms,...

The head of the UK's Financial Conduct Authority, Chief Executive Martin Wheatley, used a speech at Bloomberg, London given on 3 June 2014 to promote the FCA's Project Innovate (the drafted text of Martin Wheatley's speech can be read at http://www.fca.org.uk/news/making-innovation-work). The FCA is the regulatory body that, following reforms introduced by the Financial Services Act 2012,...

In previous posts (Proposed Changes to UK's TUPE will impact outsourcing deals, The UK Government consults on proposed changes to the TUPE regulations) we highlighted the UK Government's proposed changes to the Transfer of Undertakings (Protection of Employment) Regulations 2006 ("TUPE 2006"). The UK Government has now finalised these changes, resulting in the Collective Redundancies and Transfer

The High Court of England and Wales has recently decided that a contract can, in principle, be made in two separate jurisdictions at the same time if the contract does not include choice of law and jurisdiction clauses. In this situation, either party could seek to enforce the contract in its home jurisdiction.

As part of its UK Employment Law Review in 2012, the UK Government announced that it intended to remove the third-party harassment liability provision from section 40(2) of the Equality Act 2010. This provision was repealed on 1 October 2013. This post considers the impact of the repeal and whether employers are safe from claims made by their employees based on harassment by their outsourcing or...

On 19 November, Datateam won permission to appeal from an unreported decision of District Judge Bell sitting in the Reigate County Court on 12 June. The facts of the case, which related to unpaid invoices for database maintenance services, are not of interest except to say that the services agreement did not establish a contractual lien over the customer's data, that is, it did not contain an...

The Transfer of Undertakings (Protection of Employment) Regulations 2006 ("TUPE") is in the spotlight as part of the UK Government's Employment Law Review. Launched in 2011, the purpose of the review is to reform employment law in order to achieve a fair, effective and flexible labour market in the UK. The Government says that these reforms will support better relationships between workers and...

It has been said for some time that data is the new oil, but many global organizations continue to struggle to comply with regulatory requirements when it comes to the exploitation of this valuable resource.

In a previous post, TUPE: Service Provision Change, we discussed that the UK Government had issued a Call for Evidence to review the current Transfer of Undertakings (Protection of Employment) Regulations 2006 ("TUPE 2006") as part of its wider review of reforms to UK employment laws. The Call for Evidence concluded in 2012 and the UK Government has now launched a consultation on its proposal to...

The UK government has issued a consultation on proposed changes to the Transfer of Undertakings (Protection of Employment) Regulations 2006 (SI 2006/246) (TUPE).

The FSA has written a 'Dear CEO Letter' warning that the asset management industry does not have "effective recovery and resolution plans" in place should an outsourcing provider face financial distress or severe operational disruption which could lead to client detriment.

"Everywhere you look, the quantity of information in the world is soaring." ICD has predicted that, by 2012, mankind will have created 2.7 zettabytes of data! The numbers are mind boggling - a zettabyte is a 1 billion terabytes. With all of that data comes the Next Big Thing - namely, Big Data.

I recently attended the UK Society for Computers and Law's Annual Conference where Cloud Computing was one of the 'IT Law Hot Topics' under discussion. The others, in case you are interested, were Big Data, Apps and Mobile Payments. The event was sold out which goes to show how 'hot' these topics really are!

London has just witnessed an amazing summer of sport, with the Olympics and Paralympics having come to a close. Yet the impact of the Games may be broader than simply having provided Londoners (and the world) with a brilliant injection of morale and amazing photo opportunities. There are many chances for businesses to learn valuable lessons from the Games, including in the areas of risk...

On 16 August 2012, the ICO published guidance on deleting personal data under the Data Protection Act 1998 (DPA). The guidance describes how organisations can ensure compliance with the DPA when they delete or archive personal data, and explains what the ICO means by deletion and archiving and introduces the concept of putting personal data 'beyond use.'