The self-updating document is widespread in the SaaS world. In recent years there has been a trend towards vendors emailing a notice to users stating, "We've updated our privacy policy" or something similar. Fewer than 25% of vendors send these notices — fewer than that point out what has been updated.
Even if the notice includes a summary, it's typically a sanitized friendly summary of changes that's gone through the marketing department. It usually does not include a statement around how the changes can impact your specific business.
Counting on vendors to self-report in an accurate, timely, and transparent manner is irresponsible. Would you trust a restaurant to do its own health inspection? Then why trust a vendor to do its document inspection?
Many enterprises mistakenly believe they do not need to track policy documents since they signed a separate contract for an enterprise service. Most of these contracts refer to external policies.
Even worse, many also include a self-updating clause for specific sections with the responsibility to monitor being put on you the customer. Are you monitoring these policy changes? Osano can do it for you.