Rising to the Challenge of Data Privacy and Compliance

GettyImages_179209164The staffing industry, by its very nature, stores information on individuals and much of it is either private or confidential. The Edward Snowden controversy (and multiple data breaches of large stores) in the US have highlighted that while you may believe private information is stored securely, there is still the possibility of it being accessed without knowledge or permission. Even if businesses have multiple security measures in place to protect data, confidence and trust has been repeatedly compromised. This is an important issue for those working in the temporary staffing industry given that information held on contractors can regularly include sensitive data such as address details and pay rates. Furthermore, this data often needs to be transmitted among different systems including to and from client environments.

One of the results of these known issues is that organizations are increasingly specifying that their European data be stored within the EU or the wider community of countries that make up Europe. Historically, multinational companies have only stored customer data within data centers in the US; but the combination of the Snowden effect and stricter EU Directives means there is growing interest in EU storage facilities. If any further incentive was needed, the European Commission has suggested that organizations face fines of up to 2% of their global annual turnover (revenue) if they breach the EU data laws.

PREMIUM CONTENT: Cross-Border Data Transfers: EU Reforms and the Future of the US-EU Safe Harbor

EU Data Protection Directive (Directive 95/46/EC) requires a high level of security, protection and governance of data generated within European countries. Storing this data in a facility within the EU and following the strict guidelines of the directive will satisfy the dictate and provide a high level of confidence for customers. Although organizations may also use Safe Harbor Principles – a process for US companies to comply with the EU Directive 95/46/EC for the protection of personal data stored US data centers – for many, this still may not be enough.

In addition to security, businesses need a robust and reliable data management service that is flexible enough to scale with their clients’ changing needs. Increasing data access speeds and reducing latency are critical for this. A locally-oriented data storage policy is becoming more popular and while still delivering the benefits of data hosted by a third-party, it satisfies legislative and best practice requirements of the industry, as well as individual privacy concerns.

This leads us to think about the actual location of the data center. Is it enough to use a facility in Europe or does this need to specifically need to be in an EU state country? Public angst may be eased by not locating data in the US but having an EU state location is a must to comply with regulations. Specifically, locating within an EU country such as Germany provides a future-proof data strategy required when planning for legislative requirements.

We only have to look at some of the recent data breaches to make the headlines such as Target, Sony and Home Depot to appreciate the level of associated financial and reputational risks. Trusted with our personal details, the staffing industry needs to face these challenges and address the real concerns of organisations and individuals who are increasingly asking the question,‘where is my data stored?’

MORE: Protect that data

 

Simon Fahie

Simon Fahie
Simon Fahie is managing director for Europe, Middle East and Africa (EMEA) at IQNavigator. He looks at the issues around storing staffing data in Europe.

Simon Fahie

Share This Post

Tweet

Related Articles

Powered by staffingindustry.com ·