In case you’ve been too busy to know what we’re talking about, the General Data Protection Regulation (GDPR) is a new regulation that will give people more control of how their personal data is managed - coming into force on 25th May 2018.
While many businesses are rushing to ensure the data they hold on-site meets these new standards, they must also consider how any data of theirs held by a data centre is stored. We’ve outlined four key considerations when thinking about your data centre partner and GDPR compliance.
The first thing businesses will need in order to maintain GDPR compliance is access to their data at any time. This access is key to enable companies to clear out old, archived data once it has served its purpose, or update records in accordance with an individuals’ requests (ie – mailing preferences, right to be forgotten, etc). If their data is stored off-site with a data centre then businesses should make sure their data centre offer full availability and uptime supported by efficient management processes.
GDPR stresses the importance of ensuring there is a transparent relationship between data processor (in this case your data centre) and data controller (your business). The end user should have total visibility of factors such as where copies of their data are stored, and whether the processor employs any third-party suppliers. Data processors are required to “allow for and contribute to audits” conducted by the data controller.
Keeping track of your data is essential. Part of the GDPR is that companies cannot retain legacy data on individuals beyond its intended purpose. No doubt there are businesses out there running servers with data that is no longer used, resulting in unnecessary energy consumption and wasted resource, both from a financial and management perspective.
Some companies may find themselves in the position of having disparate data and information stored across several facilities. Whilst this can be a challenge in in ensuring you can keep track of what data is where, in addition it means that it is necessary to ensure each of these data storage locations is set up to help you comply with the GDPR.
You can’t think of data and not have the word “security” spring to mind. For many though, this word raises concerns around protecting data from cyber-threats, but for a data centre, it means protecting data from threats like power outages, network disruptions and natural disasters. An essential consideration for data security is ensuring that where the data is stored has the robust facilities to mitigate or address such risks. Moreover, GDPR now requires you to include the ability to audit and evidence that security.
Datum’s data centre is a first-class facility that is managed and run to the highest industry standards, enabling us to be ahead of the game when it comes to supporting clients in storing and managing sensitive data.
The best way to truly appreciate the benefits of our data centre is to book a tour and have a look around.
To discuss logistics or any other questions you may have around our GDPR compliance before booking a tour, contact us and speak to a member of the team.