FREMONT, CA: The General Data Protection Regulation (GDPR) has made all the buzz, and for a good reason, it represents a significant change in how data will be handled. In Europe, a GDPR Preparedness Pulse Survey was conducted in which half of the survey respondents mentioned GDPR as a top priority, and 38 per cent named it among their top priorities. As GDPR becomes a mandate, data centres in Europe also have a significant impact. Read on to know more about what has changed for data centre owners.
Data processing under GDPR covers storage and deletion count as processing. The regulation has had a significant impact on those that provide such services. Over time leading up to GDPR, there has been a massive uptake in policy revisions and updates by data centre owners. Data centre owners are preparing themselves to give individuals access to their data and to explain clearly how the information is used, how long it will be retained, and whom it will be shared with.
Over the last two years, data centre owners have had an increase in customer audits. GDPR has led customers working more closely with data centres, asking more about exactly where their information is stored. Customers request site visits to complete detailed risk assessments, according to data centre owners.
The geographic location of data matters under GDPR, which prefers data that is stored and processed within one of the 28 EU countries. Given the complexity of the rules and the high financial stakes, organisations are opting to store their data in the EU. Cloud service providers are also looking at EU data centres post-GDPR. This increased traffic made data centre owners manage the data flow carefully. They are tailoring contract, binding corporate rules, codes of conduct, and certification schemes to be more compliant in their business.
The ability to comply with the GDPR is not a silver bullet to prevent all data breaches. Data centre owners have realised that it is about ensuring the lawfulness of processing and focusing on the protection of the rights and freedoms of the data subjects themselves. Data centres are achieving this through the consistent implementation of appropriate data protection practices in people, process and technology.