TECH & SERVICE PROVIDERS
now define their strategy as hybrid or multi-cloud .”
While cloud-based services can offer organisations significant value in terms of collaboration , Bindley suggested that using these applications “ leads to an increase in international data transfers ”.
This can result in compliance issues for users and providers , he outlined , “ due to the ever-changing and differing data protection and privacy laws across the world .
Following the UK ’ s exit from the European Union , data transfers from the UK to the EU are safeguarded by the Adequacy Decision announced on the 28 June 2021 , meaning personal data can continue to flow between the two without the need for organisations to ensure appropriate safeguards apply .
While the UK ’ s data protection regime is deemed adequate until 27 June 2025 , this will only be renewed if the UK continues to protect the personal data of EU residents , in line with the EU GDPR rules . If UK data protection law significantly diverges from the EU GDPR , the Commission could withdraw this decision ,” said Bindley .
“ For many government the world , data is now component of the deci making process ”
JASON FOSTER CEO , CYNOZURE AND CDO HUB
How do these laws affect businesses ? Taking a multi-cloud approach means businesses will be storing data across the different sites that they use for different activities , such as HR or payroll .
Bindley doesn ’ t suggest turning back the clock on cloud migration , but “ it ’ s important to closely examine where your data resides , what ’ s in the small print , and whether your cloud services provider is being transparent .”
Once data is in the cloud , “ a lot of businesses will assume its security is the responsibility of whoever runs that cloud , such as Microsoft for Microsoft 365 ”. However , the security for that data is still down to the business itself , and “ it ’ s the
128 September 2022