Premier Member Profile

Business & General Consulting Ltd

Contact: Tim Newton
Address: Wraysbury House, Forestside, Rowlands Castle, Hants, PO9 6ED
T: 02392 990168
.(JavaScript must be enabled to view this email address) | Company Website

Using the Cloud to share documents? Tresorit is an Ultra-secure alternative to DropBox with EU-based storage.

Listed in: IT Security

Earlier this month,  the European Union’s highest court struck down the 15-year-old “Safe Harbor” agreement. Its downfall, with immediate effect, has opened a new era in the digital world. Not only major tech companies, but each and every small and large business in the EU has to adapt – right now. To understand the decision and cope with the fallout, read on.

The European Highest Court prohibits transferring EU citizens’ personal data to countries outside the EU. The Safe Harbor framework was an exception: it allowed EU companies to transfer and store EU citizens’ personal data to US companies that self-regulate themselves and agree to meet Safe Harbor principles.

What is the implication of the decision?
Private individuals are free to decide to store their data with US-based companies, at their own risk. But companies cannot transfer EU customers’ personal data to the US without the customers’ consent.

A customer name, email or home address, employee’s HR data, health information or any documents containing such data falls under this regulation.

As a result of the new rules, the 4,400 services that transferred data under the ‘safe harbor’ agreement should be avoided if you want to store, process or share personal data about your customers, employees or business partners.

This applies to all EU-based companies, so for example:
• a German hospital cannot use US web-based service to process patients’ data
• a UK firm cannot store HR data about employees in Box or Google Drive
• Facebook Ireland cannot share consumer data with US based Facebook Inc.
• A multinational’s German subsidiary cannot share their German customers’ or employees’ personal data with its US branch.

To minimize risks, EU businesses’ best choice is to use EU-based services, where the customer data is never processed in the US. How do you know which services are which? To see the full list of companies which used to rely on Safe Harbor, see https://safeharbor.export.gov/list.aspx