As many of you will know, today is Data Protection Day, or Data Privacy Day, as it is known in the US. This is the anniversary of the Council of Europe’s Convention number 108 being signed.
This convention aims to regulate the flow of personal data across borders, as well as the processing of sensitive personal data, and with it, individuals also have the right to know where their personal data is stored, and to have this corrected when necessary.
As individuals’ personal data has become increasingly accessible and difficult to remove, there’s been a need to re-assess how we process and safeguard our data footprint. There is currently a lot of discussion around data protection laws in the EU and the US, much of which is driven by last year’s European Court of Justice ruling stating that Safe Harbor can no longer be used as a way to transfer/share data between the US and the EU. In light of this, there is a need for organisations globally to re-consider how they approach data protection and data privacy.
While we await decisions on data protection rulings, one thing is certain: organisations should take the time to evaluate the way that they handle and protect data that they are responsible for. For those unprepared for legislative changes, there is a hefty fine of 4% revenue to pay for non-compliance. Having control over where data is stored and ensuring that it’s correctly protected has never been more critical.
To remain compliant, an effective data management infrastructure is essential. Whether data is stored on-premises or with an external public cloud provider, organisations should ensure that data is collected, processed, accessed, shared, stored, transferred and secured in lawful ways. Ideally, there should be flexibility for data to be integrated, managed and replicated across different storage systems and cloud vendors, so that it can be controlled, moved and also deleted if necessary.
Our NetApp clustered Data ONTAP storage operating environment helps with this. It can be used across cloud and on-premises infrastructures to create a Data Fabric that acts as a single system, meaning that data is more easily managed, controlled and can be bi-directionally moved between different clouds or on-premises data centres. This helps with the issue of compliance for both organisations and cloud service providers.
Another increasingly popular option is to use NetApp Private Storage for Cloud, where data is essentially stored ‘next to the cloud’ by securely locating the data storage in a colocation data centre connected by a low-latency link to a public cloud provider such as; AWS, Azure, or SoftLayer for the compute element. This approach is very well illustrated in this blog from my colleague Herbert Bild, in which he outlines what our customer DARZ is doing in Germany.
Almost like a “New Year, New You” fitness regime, this year’s Data Protection Day is a useful time for organisations to take stock of their data management systems to ensure data is correctly protected to meet future compliance regulations.