Six tips for better data risk negotiations from Chief Risk Officer Michelle Griffey Choosing a collaborative approach rather than box-ticking and backside covering will be a win-win, says Communisis CRO Michelle Griffey: Assurance trumps compliance Michelle Griffey, Chief Risk Officer at Communisis, has led data risk and compliance negotiations with partners at both service providers and their clients. Here she offers some words of advice for creating a healthy working relationship that prioritises security. Almost every organisation has partners. Sometimes the organisation is a client, purchasing services from a third-party supplier, and sometimes the relationship is reversed. With data protection an increasingly hot topic, and with breaches potentially ruinous to both finances and reputations, companies that farm out personal and sensitive data for processing and storage need to calculate how far they should trust their suppliers to look after it securely. Thanks to GDPR and other data protection legislation, it's no longer possible to simply pass liability for a breach down the supply chain.