Skip to content
11:11 Systems
Rethink Connected
11:11 Systems11:11 Systems
  • Why 11:11
    • Submenu
      • Column 1
        • Cloud Console
          Cloud Console
          Compliance
          Compliance

      • Column 2
        • Global Regions
          Cloud Regions
          Catalyst
          Planning and Assessment

      • WHY CHOOSE 11:11
      • Overview
      • Leadership
      • News & Media
      •  
      • Careers
      • Technology Partners
      • Customer Stories
  • Products & Services
    • Products & Services
      • CLOUD
      • Cloud Overview
      • Public Cloud
      • Private Cloud
      • Object Storage
      • Cloud Labs
      • Colocation/Bare-Metal
      • BACKUP
      • Backup Overview
      • Veeam Backup
      • Microsoft 365 Backup
      • Managed Backup for Cohesity
      • DISASTER RECOVERY
      • DRaaS Overview
      • DRaaS for Veeam
      • DRaaS for Zerto
      • DRaaS for Azure
      • Autopilot
      • SECURITY
      • Security Overview
      • Continuous Risk Scanning
      • Managed SIEM
      • Managed EDR
      • Managed Firewall
      • CONNECTIVITY
      • Connectivity Overview
      • SD-WAN
      • Multi-Cloud Connect
      • Managed IP
  • Solutions
    • Solutions Submenu
      • INDUSTRY
      • Education
      • Financial
      • Government
      • Healthcare
  • Partners
    • Partners Submenu
      • Overview
      • Become a Partner
      • Partner Portals
  • Resources
    • Resources Submenu
      • Events
      • Webinars
      • News & Media
      • White Papers
      • Podcast
      • Data Sheets
      • Customer Stories
      • Innovation Blog
  • Support
    • Support Submenu
      • Contact Support
      • Product Documentation
      • API Documentation
Search:
  • Console Login
  • Contact
Header Right Menu
Free Trial
  • Why 11:11
    • Cloud Console
    • Compliance
    • Cloud Regions
    • Planning and Assessment
    • WHY CHOOSE 11:11
    • Overview
    • Leadership
    • News & Media
    • Careers
    • Technology Partners
    • Customer Stories
    • Blog
  • Products & Services
    • CLOUD
    • Cloud Overview
    • Public Cloud
    • Private Cloud
    • Object Storage
    • Cloud Labs
    • Colocation/Bare-Metal
    • BACKUP
    • Backup Overview
    • Veeam Backup
    • Microsoft 365 Backup
    • Managed Backup for Cohesity
    • DISASTER RECOVERY
    • DRaaS Overview
    • DRaaS for Veeam
    • DRaaS for Zerto
    • DRaaS for Azure
    • Autopilot
    • SECURITY
    • Security Overview
    • Continuous Risk Scanning
    • Managed SIEM
    • Managed EDR
    • Managed Firewall
    • CLOUD CONNECTIVITY
    • Connectivity Overview
    • SD-WAN
    • Multi Cloud Connect
    • Managed IP
  • Solutions
    • INDUSTRY
    • Education
    • Financial
    • Government
    • Healthcare
    • Column 2
  • Partners
    • Overview
    • Become a Partner
    • Partner Portals
  • Resources
    • Events
    • Webinars
    • News & Media
    • Whitepapers
    • Podcast
    • Datasheets
    • Customer Stories
    • Innovation Blog
  • Support
    • Contact Support
    • Success Center
    • API Documentation
  • Contact
  • Console Login
  • Free Trial
Author: 11:11 Systems
Date: February 8, 2016

Safe Harbor Isn’t Over: Steps You Can Take

Editor’s Note: As of January 2022, iland is now 11:11 Systems, a managed infrastructure solutions provider at the forefront of cloud, connectivity, and security. As a legacy iland.com blog post, this article likely contains information that is no longer relevant. For the most up-to-date product information and resources, or if you have further questions, please refer to the 11:11 Systems Success Center or contact us directly.

As was covered previously, there is a new Safe Harbor agreement tentatively in place called EU-U.S. Privacy Shield, which is being reviewed for approval by the Article 29 Working Party. We also know that there are already folks out there looking to take the new framework to court within the EU, which may result in another nullification if the EU courts feel that the privacy controls are still not addressed.

Organizations should be watching this very carefully and tracking it as a real risk. One of the main functions of good compliance and IT governance is risk mitigation. Below are some easy steps that will help keep your options open if we have another issue with the new framework.

While this work is being approved and formalized, and as we all wait for the eventual lawsuits around this new legislation to occur, organizations should be looking at and considering mitigation plans. We have a reprieve and should use it to mitigate risk; another breakdown of data laws will be crippling to organizations.

Steps should be taken to understand where your organization’s data resides, in order to address data sovereignty and the collection of information. First, a few questions:

  • Where is your cloud vendor storing data?
  • Does it “float” in a cloud to different geographical regions?
  • Is it under your control or the control of an cloud vendor?

Next act:

  • Reduce analytics and wide data collection to only what is required to provide services.
  • Ensure you have clear privacy notices and policies in place.
  • Inform and get approval from customers to use their personal information. That means being honest about what you plan to do with collected data.
  • Be cognizant of where this data is being stored.
  • Review any subcontracted services to ensure they also conform to your agreements. Don’t get caught on the wrong side of an audit because your cloud vendor or vendors are not bound by business agreements to handle data to the same standards as your organization.

If we know there is a risk of another framework breakdown why not segment the data if it’s feasible?

11:11 Systems takes data sovereignty very seriously, not just for our internal functions but those of our customers. We take it so seriously that we have our own customer-facing compliance and security departments that do nothing but work to ensure that customers’ compliance and security requirements are aligned – not just at the cloud vendor level but also within the customer’s organization.

With many cloud providers, you’d be lucky to get a copy of their auditor reports. Would they be willing to help you perform your governance reviews or sit next to you during audits? Ask.

This week’s news was very welcome: we have a tentative agreement and roadmap in place with Privacy Shield! Just remember that we still have an identified risk and some relatively easy steps can be taken to reduce that risk. Talk with your compliance and legal teams as well as your cloud’s compliance department to see how they address these concerns. Understand how they can demonstrate adherence to the new Privacy Shield framework and what they are doing to mitigate risks. Talk to us here at 11:11!

Category: Cloud ComplianceBy 11:11 SystemsFebruary 8, 2016
11:11 Systems

Author: 11:11 Systems

Post navigation

PreviousPrevious post:Safe Harbor Update: Privacy Shield AgreementNextNext post:New! Veeam On-premise with DRaaS in the Cloud

Related Posts

How secure are you?
November 17, 2022
Lord of the Rings, World Password Day, and the keys to well-rounded data security
May 5, 2021
The importance of adaptability in an increasingly complex world
January 27, 2021
Moving Healthcare IT to the Cloud
November 17, 2020
Why do you need a global footprint for your cloud?
October 26, 2020
How Best to Choose Data Backup Services
April 6, 2020
PRODUCTS & SERVICES
  • Cloud
  • Backup
  • Disaster Recovery
  • Managed Security
  • Connectivity Solutions
  • Compliance
COMPANY
  • Why 11:11
  • Customer Stories
  • Careers
  • Leadership
  • Technology Partners
  • News & Media
  • Contact Support
CLOUD REGIONS
  • North America
  • EMEA
  • APAC
CONNECT
  • LinkedIn
  • Twitter
  • Facebook
  • Youtube

© 2023 11:11 Systems Inc., All Rights Reserved | Privacy Notice

Go to Top
PRIVACY POLICY AND COOKIE CONSENT
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}
PRIVACY POLICY AND COOKIE CONSENT
To provide the best experiences, we use technologies like cookies to store and/or access device information that allows us to process data such as browsing behavior. Not consenting or withdrawing consent, may adversely affect certain features and functions. By clicking Accept, closing this message, or continuing to browse, you consent to these technologies and accept our Privacy Notice.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}