The EU law naturally encompasses protection of personal data stored and/or shared using cloud services.
It’s fair to say that many businesses and organisations operating in the EU have, at best, a limited understanding of the cloud storage they’re using, and so cloud data compliance presents another issue that needs addressing in line with GDPR regulations.
However you currently back data up, whether by cloud, tape or disk-based methods – or both – it’s worth a detailed review now GDPR compliance is business-critical. With the new EU regulation demanding consumers be able to access, correct or request deletion of their personal data, businesses need to ensure backups under GDPR are fit for purpose. Also bear in mind that older, backup techniques such as disk or even tape, will make swift access, alteration, and deletion under the ‘right to be forgotten’ rule, far trickier to achieve.
GDPR Disaster Recovery
Disaster recovery capabilities are a key aspect of the security and accessibility of any business’ IT systems, and apply directly to the storage and processing of personal data. GDPR means businesses and organisations outside the US that collect, store and process personal data from EU consumers, and any EU business that collects, stores or shares such data, must be able to recover such data quickly and intact so as not to risk the confidentiality and integrity of consumers’ information.