Re: [Hampshire] Due Diligence of Service Providers

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M.MImran Chaudhry at <-
M\MWayne Lee at ->

Reply to this message
Author: Vic
Date:  
To: hampshire
Subject: Re: [Hampshire] Due Diligence of Service Providers

> The backup service providers are often US-based small businesses who
> outsource functions to other service providers such as Amazon Web
> Services.

Be careful with putting data on US servers.

The Data Protection Act states :-

"Personal data shall not be transferred to a country or territory outside
the EEA unless that country or territory ensures an adequate level of
protection for the rights and freedoms of data subjects in relation to the
processing of personal data."

Note that the US is *not* on the list of countries with an adequate level
of protection...

If this is simply backup data - and particularly if you store it in an
encrypted filesystem - then the backup process may not qualify as a
"transfer" under the Act. But this is the sort of thing you need to check.

How much data are you talking about? It might be a lot easier to host in
Europe...

Vic.



This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-[Hampshire] [josette.garcia@connect.oreilly.co.uk: O'Reilly User GroupNewsletter - November 2010]Re: [Hampshire] Due Diligence of Service Providers->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)