Tips To Aid Compliance With Global Data Privacy Laws

By Author: martin well
Total Articles: 364
Comment this article

Businesses that depend on technology in a big way are looking at a rapid growth in the role of IT Compliance. With employees working in countries with strict privacy laws, one of the ways for data privacy is to prevent any access to personal data from outside and keep it within the country where it is obtained from. Another way is to certify that data transferred outside the jurisdiction will adhere to local legal strictures. However, most organizations follow the former.

Privacy laws do not prevent managers from accessing sales and performance data from outside a territory as long as IT ensures that PII, such as a customer phone number or employee attendance history, is not involved. Here are a few tips that can help compliance with international privacy laws. While it is inevitable that compliance with global laws falls to IT, adhering to a few industry best practices can help.

Be familiar with your data

What is most important is having a precise understanding of the data. By conducting a data inventory you will know where the data resides and which country it comes from.

...
... Don’t collect unnecessary data

Not taking what you don’t need is a practical solution. It is important to collect some PII from customers and employees but collecting excess information is of no use. It only makes following international data laws a lot more difficult.

Consider privacy when planning cloud implementations

The company that first accepted the data will be legally accountable for what happens to it if the vendor fails to abide by the contract. As cloud providers often move data around among different hosting companies, it is best to opt for EU only cloud solutions. Alternatively if it’s a U.S. based cloud company, ensure that it is Safe Harbor adherent and it also should certify that the data won’t be moved offshore. Another option is to bind the cloud vendor with a contract that requires it to treat PII in accordance with the EU directive.

Manage international data in a GRC plan

Solutions used for compliance with crucial regulations can also remove process slip-ups like finding incorrect or duplicate payments etc. The risk tools that help you from being fined for regulatory violations can also help you with the bottom line for reasons unrelated to compliance. If you’re implementing a new system and defining business processes, it helps not only to minimize the long-term cost of compliance but to proactively manage the risk of a global IT project.

Tackling international privacy laws can be made simple with the help of a professional partner in case of company international expansion. They have the real-time knowledge and experience to seamlessly take care of other areas of your business like international accounts payable regulatory filing requirements etc. efficiently. Thus making you free to focus on the work that counts most, your core business!

Know more on:
International financial accounting,
Doing business overseas