There are three key areas cloud providers need to address the needs of GDPR

One of the most discussed problems concerning GDPR issues is associated with the Cloud providers action plan elements in order to achieve GDPR compliance. The critical elements are associated with personal data transparency, data security, physical location identification, physical servers storage, or international data transfers. Working for GDPR Ready Catalog content, I asked few experts in Cloud and GDPR to share with us their recommendations for Cloud services providers.

Here we have the valuable contribution of Ian Moyse, one of the most active Cloud specialist in social media, and recognised influencers in Cloud Computing social ecosystem:

Ian Moyse

Firstly, cloud providers need to take heed that they are now also on the hook for GDPR legal liability as a Data Processor. Data laws previously put the responsibility to the Data Controller (the customer), but this changes in GDPR.

Secondly, providers also need to ensure their own GDPR compliance as customers will expect and need supply chains of theirs to comply with GDPR in its fullest. This will be needed to ensure they are only sharing any data they hold with GDPR compliant partners and thus protecting their own GDPR processes and compliance.

Cloud providers will also need to become more transparent, as customers become even more diligent around data sovereignty, security, data storage and the controls and destruction of data they have responsibility for.

Thirdly, cloud providers are going to need to ensure their service offering itself, when used by a customer, allows the customer to remain compliant. For example, if your solution stores customer data in it, providing the ability to remove data in full for ‘Right to be Forgotten’ compliance.

You cannot get your product or service GDPR certified, but you can ensure that its use allows a customer to meet GDPR requirements and not hinder them.

Ian Moyse,

Sales Director Natterbox, Board Member Cloud Industry Forum

The Romanian version of this article was published in GDPR Ready Catalog, Bucharest, November 2017 

Advertisements

About Radu Crahmaliuc
Independent IT&C analyst, GDPR advisor, digital transformation & Cloud computing evangelist, start-ups developer, freelancer, storyteller, events moderator & keynote speaker

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: