The General Data Protection Regulation (GDPR) was introduced in April 2016, and becomes fully enforceable on 25 May 2018. If you haven’t already started your preparation for GDPR compliance – or still aren’t really sure what it is and what the implications are – you’re in the right place.
GDPR replaces the EU Data Protection Directive that has been in place since 1995, and requires an overhaul of data management that will give consumers greater privacy and protection. GDPR compliance applies to businesses and organisations within the EU that collect, store or share consumer data – and to any business or organisation in the world outside of the US that collects personal data from EU residents. In short, GDPR backup and GDPR disaster-recovery options will soon become a necessity – as of 25 May 2018, non-compliance will incur significant fines.
...of backup providers are based in the U.S. where GDPR isn't front of mind
The new EU law naturally encompasses protection of personal data stored and/or shared using cloud services. It’s fair to say that many businesses and organisations operating in the EU have, at best, a limited understanding of the cloud storage they’re using, and so cloud data compliance presents another issue that needs addressing before GDPR becomes fully enforceable.
However you currently back data up, whether by cloud, tape or disk-based methods – or both – it’s worth a detailed review before GDPR compliance becomes business-critical. With the new EU regulation demanding consumers be able to access, correct or request deletion of their personal data, businesses need to ensure backups under GDPR are fit for purpose. Also bear in mind that older, backup techniques such as disk or even tape, will make swift access, alteration, and deletion under the ‘right to be forgotten’ rule, far trickier to achieve.
Disaster recovery capabilities are a key aspect of the security and accessibility of any business’ IT systems, and apply directly to the storage and processing of personal data. GDPR means businesses and organisations outside the US that collect, store and process personal data from EU consumers, and any EU business that collects, stores or shares such data, must be able to recover such data quickly and intact so as not to risk the confidentiality and integrity of consumers’ information.
BackupVault is one of the only data backup companies in the UK that can fully prepare you for GDPR. As soon as the Regulation first rolled out in 2016, we set about finding the best ways to help ensure your data backups are fully compliant and secure.
With around 90% of backup providers based in the US, where GDPR isn’t front of mind, it pays to talk to an EU-savvy provider, and one that understands the UK’s current and potential position with regard to EU regulations. BackupVault is UK-based, with UK datacentres, and we fully encrypt all consumer data we manage on clients’ behalf.
To find out more, and to discuss how BackupVault can ensure you’re fully complaint and prepared for GDPR, get in touch.