Who’s responsible for data governance & privacy of SaaS platforms…
In my opinion, we all need to be held responsible to some degree, but in some cases, it does come down to the SaaS application and its purpose of use.
There are several cases when the responsibility lies on both sides, for example;
Let’s just say the end-user signs up with a poor username & password is it then still the organisation’s responsibility?
Even know that the system provided validation & conditions of use.
Social media SaaS platforms are in the section where a lot of the data uploaded is for public viewing & let’s not forget that most systems are free.
On the other hand, who owns the data once it is uploaded or generated within the SaaS system, I’m sure most of us never read the terms and conditions.