Data held on Safe Harbour ruled invalid by EU Court of Justice
19 October 2015
What Financial Brokers will need to do...
In a landmark ruling last week, The European Court of Justice ruled the Safe Harbour agreement which allows data from UK companies to be transferred to and stored in the US was last week declared invalid. This ruling that will have far-reaching repercussions for data controlling financial brokers who are currently using American based cloud providers to store data.
In a response to the ruling the Information Commissioner’s Office (ICO). David Smith said:
“This ruling is about the legal basis for the transfer of personal data to businesses that are members of the US Safe Harbour. The judgment means that businesses that use Safe Harbour will need to review how they ensure that data transferred to the US is transferred in line with the law.”
Many brokers store client confidential data on shared servers such as OneDrive, LiveDrive, Dropbox etc. which whilst they are all US companies also have a European presence however under this ruling this may leave client data without adequate protection or failing to comply with FCA & ICO Principles of the UK Data Protection Act.
How to Overcome the Problem?
Regulated Financial brokers will now need to carryout technical review of how confidential data is treated in your company to ensure this ruling does not affect your regulatory status or security of your confidential data. With the new ruling it is vital now more than ever that you have a complete understanding of where your company confidential data is stored; is it on servers within the EU or US?
The 3 Key Points to consider are;
- Verify where the confidential data is stored?
- Is your data encrypted at 'Source' or by a 3rd party provider?
- Does your existing data storage arrangements contravene UK data laws now the Safe Harbour has been ruled invalid?
Undertaking a Data Protection Health Check on the treatment of data in your business will assist to identify any potential risks of non-compliance or vulnerabilities you may have in relation to the recent Safe Harbour invalidation ruling.
If you would to learn a bit more about if this ruling will impact your regulatory status or business confidential data, please contact a member of the JMS Secure Data team on 020 3397 9026 or email us at Info@jms-securedata.co.uk