Data privacy: who’s protecting our data in the cloud?
It is hard to identify who is responsible for a matter as big as data privacy, mainly because they are spread all around the world. Today we are going to see how the Privacy Shield works, in order to better understand how the data flow between the US and the EU works. This subject has been under investigation for almost 40 years. This complex data flow, and the relationship between privacy and personal data management, is one of the most complex matters to face. From 1980 (with the OECD Guidelines) to last year's Privacy Shield, there are still problems to solve.
Data privacy and Privacy Shield
This is the result of several years of negotiations. Basically, it replaced the unlawful Safe Harbor Agreement. It is a mechanism that allows personal data to migrate from one continent to another in a much safer way. One of the biggest changes is the commitment from the US administration to give access to their data.
In addition, the US trade department will run more controls side by side with American cybersecurity gurus and European authorities. There will be a monitoring phase with the European Commission. During this phase a report with the achievements will be presented. Moreover, for the first time, American public authorities are subject to limits on access to personal data. These accesses will be monitored, with boundaries and warranties. Indiscriminate and massive access will no longer be tolerated.
How can an individual be protected?
Anyone who believes their rights have been violated can now address the company directly. The company itself must respond to the accusations within 45 days.
Alternatively, they can turn to the data protection authority, which will examine the complaint together with the Department of Commerce and the US Federal Trade Commission. It is also still possible to address the individual national data protection authorities. In case of a failure from the Federal Trade Commission, they can turn to the Privacy Shield Panel for an arbitration or, in particular circumstances, a mediation procedure.
Finally, the Ombudsperson comes into play. He is an autonomous subject that receives and evaluates complaints.
Data privacy: expectations
The first Privacy Shield revision has been a success. The control effort mainly focused on the newly introduced procedures. This revision meeting also highlighted a few critical issues in the current system, in order to improve it in the next twelve months.
How can you protect yourself?
In order to give your business the best tool available, Swascan together with Raoul Chiesa (Raoul Chiesa interview) developed a special cybersecurity platform. It is completely in Cloud, Pay per Use and SaaS. You can see for yourself in our brochure: Cybersecurity platform and have an in-depth look at our services. Our four services cover all the governance needs in terms of risk management and periodic assessment. Basically, if you need to understand the areas in which your efforts must focus, Vulnerability Assessment, Network Scan, Code Review and GDPR Assessment are the right tools for you. Last but not least, don't forget GDPR (GDPR guide), and the introduction of new figures such as the DPO: our platform is 100% GDPR compliant (GDPR infographic).