Cloud computing and privacy are innately at odds. Privacy laws apply to one country; the public cloud, in its ideal form, is not related to any country. Privacy officers should not accept "no" for an answer when asking whether the processing of personal information in the cloud or abroad is allowed. Most privacy laws have some flexibility, guidance is evolving slowly and, in many cases, there are legally acceptable solutions. Organizations should focus on the location of the legal entity of the provider, not on the physical locations of its operation centers.
There are other cases when sensitive company information should not leave the country (for example, if there are export control or national security concerns), but in most cases — and usually under conditions — in-country storage is not mandatory for privacy compliance. In some cases, it will be sufficient to ensure that personal data will not be stored in a specific country that is known for its privacy violations.
Privacy officers — and enterprise decision makers — should support IT’s cloud and offshore initiatives where possible while achieving maximum privacy protection for the individual customer or employee. This will consume 20 to 30 percent of the privacy officer's time.
Top Five Privacy Issues Organizations Must Tackle
Top Five Privacy Issues Organizations Must Tackle
Data breaches, cloud computing, location-based services and regulatory changes will force virtually all organizations to review, and at least half of all organizations to also revise, their current privacy policies before year-end 2012, according to Gartner, Inc. These issues will dominate the privacy officer’s agenda for the next two years.
“In 2010, organizations saw new threats to personal data and privacy, while budgets for privacy protection remained under pressure,” said Carsten Casper, research director at Gartner. “Throughout 2011 and 2012, privacy programs will remain chronically underfunded, requiring privacy officers to build and maintain strong relationships with corporate counsel, lines of business, HR, IT security, IT operations and application development teams. An established relationship with regulatory authorities and the privacy advocacy community will also be an advantage to them.”
Gartner has identified the top five issues that privacy officers must pay particular attention to in 2011 and 2012.
More Slideshows:
Six Steps to MDM Success Steps you should take before embarking on a master data management initiative.
Five Innovations that Could Change the Way We Live,
Work and Play IBM predicts five ways that technology innovations will change people's lives.
Five Voice Recognition Software Picks Top voice recognition software offerings that may take you to the next level
in terms of productivity.
