How ready is your business?
The General Data Protection Regulation (GDPR) comes into force on 25th May 2018 and will replace the Data Protection Act 1998. Maintaining the privacy and protection of customers’ and employees’ personal information is a risk management issue for all organisations; therefore it is important that businesses have plans and procedures in place to manage the potential risk.
Storage of data is becoming increasingly more popular via the cloud, including the use of cloud back up services. Businesses will need to ensure that this data is protected, yet accessible.
If your business operates in the UK, then it makes sense to ensure that your server and backup data is in the UK too. If you trade in a highly regulated industry such as finance, you will find that in order to remain compliant, you need to ensure that your sensitive data remains within UK borders and jurisdiction at all times.
Businesses will need to:
- Identify the data - why they hold it, where it is held and who has access
- Clean the data - remove any data no longer required and update their data retention policy
- Protect the data - access control, backup and encryption
For further details visit: ICO - GDPR Overview.
Data Sovereignty and Brexit
What is Data Sovereignty?
Data sovereignty is about where certain data is held, the laws that apply to it and which governments and law enforcement agencies can claim jurisdiction over it - it’s the concept that data stored in a specific country needs to comply with the laws of said country. Data Sovereignty is not the same as data safety.
With the United Kingdom leaving the EU and with the implementation of the new GDPR, businesses will need to ensure that they are prepared and compliant.
UK legislation could change, as laws previously controlled by the EU may soon be invalid in the UK once Article 50 is invoked. This gap in regulation will need to be clarified with new legal stature that will highlight how UK data can be legally stored, and more importantly where.
Businesses will need to know where their data lies, what laws their data is subject to and who owns the data centres in which their data resides.
The safest and simplest option for businesses is to ensure their data is stored in UK based data centres that are owned or managed by UK based companies. This will ensure that the data stored is subject to UK data sovereignty regulations.
Here at Safe Data Storage we only use UK data centres and provide fully UK-based technical support. Our main data centre is based in London, with all data replicated to a second data centre in Bournemouth. Your data is safe with us.
How can Safe Data Storage guarantee you remain compliant?
Safe Data Storage is a UK based company that only uses our own UK, private and replicated storage. All data is stored in two UK, ISO 27001 certified, Data Centres.
All data is AES 256-bit fully encrypted, from point of collection, during transit and when stored ‘at rest’ in our UK Data Centres.
Safe Data Storage is ISO 27001 certified. This is a systematic approach to managing sensitive company information such as financial information, intellectual property, employee details or information entrusted by third parties and ensuring that it remains secure.
At Safe Data Storage we provide UK based support. All our services are fully managed and monitored.