Location, Location, Location!
Where you store your data is just as important as what you do with it!
As cloud storage becomes a default mode, and companies serve customers in ever more far-flung markets, it can be tricky to know exactly where your data is being stored. More than half of available cloud storage is controlled by just four major corporations. Amazon is by far the biggest, with about a third of the market share; next are Microsoft, IBM and Google. What questions do you need to answer when considering where to store your data?
Reuters reported in February 2018 that very few US companies were fully ready for GDPR: “on a scale of zero to one hundred, there are quite a few, mostly smaller firms that are at zero, whereas most of the largest firms with international operations are somewhere between 90 and 95, and no one is at 100.” Combine this with a degree of uncertainty about how enforcement works on the other side of the Atlantic, and firms would do well to be cautious about hosting their data in the United States.
Compare this with the UK. We all know what GDPR is, why it is and who it is. The Information Commissioner’s Office can impose a fine of either €20 million (£17.78 million at time of writing) or 4% of a company’s global turnover. Both consumers and businesses are aware of these key elements.
Time on your side?
A further element which is often overlooked is time difference. An urgent Subject Access Request from an angry prospect arrives in your inbox bang on 9 am. They want to know exactly what data you have on them, and how you have come to hold it.
At your outsourced data centre in San Francisco, it’s 2 am. How rapidly are they going to respond? Quickly enough to cool the steam coming out of your contact’s ears?
The Brexit Question
As with any industry, the Brexit angle is worthy of consideration. At the time of writing, the UK will be considered a “third country” for the purpose of the European Union’s data protection laws. This means that to avoid a major change in how EU data is processed, stored and used in the UK, something similar to the EU-US Privacy Shield will need to be negotiated.
The Privacy Shield is an agreement signed off by the EU and America’s Department of Commerce to protect data held about European citizens by US companies. While this puts a degree of protection in place, it is not as stringent as the full GDPR text, and it seems reasonable to predict that it would be used as the basis for a future UK-EU agreement.
The CommuniGator Angle
We acquire and store all of our data in the UK, to keep compliance straightforward and easy to manage. This is the optimal solution for our customers and prospects, as questions of different time zones and legal jurisdictions do not arise. That means we can focus on helping you to unlock the full value of your data. We are fully up to speed on GDPR, we are in the same time zone as all our customers, and our data will not need an international agreement to cover its storage and use. Most importantly, we use our own software every day, so we can speak honestly and with experience about how it deals with all these sensitive data issues.
CommuniGator’s position is simplified by the fact that we work with UK businesses, who work with UK businesses themselves. This keeps the data protection required at every level of our operations simple; we do not have to worry about what to do with data on American businesses, since we do not come into contact with it.