The European Union (EU) has generally enforced stricter rules on data protection, but its 1995 Data Protection Directive is now outdated – it does not address the many ways in which data is stored, collected, and transferred today. This has necessitated the new EU General Data Protection Regulation (GDPR). GDPR comes into effect on May 25, 2018, with a two-fold objective. The first it to give EU residents more control over the use of their ‘personal data’. By strengthening data protection legislation and introducing stricter enforcement measures, the EU hopes to improve trust in the emerging digital economy. Secondly, the EU wants to give businesses a simpler, more transparent legal environment to operate.
GDPR compliance is required by all organizations who have:
Tata Communications is committed to GDPR compliance across cloud services. We are also committed to helping our customers on their GDPR compliance journey by building robust privacy and security protection into our services.
Our cloud and hosting solutions already have specific features and services which ensure compliance with GDPR:
The shared responsibility model:
Both the customer organization and Tata Communications have essential roles in ensuring GDPR compliance objectives. Organizations are directly responsible for their applications and data, data access and encryption. Partners, meanwhile, are responsible for the underlying infrastructure, physical access control and operational security.