Overview
With a view to helping managers ask the right questions, Data Protection and the Cloud explains how you can effectively manage the risks associated with the Cloud and meet regulatory requirements. This book discusses: The controller–processor relationship and what you should pay attention to; How to mitigate security risks in the Cloud to comply with Article 32 of the EU GDPR (General Data Protection Regulation); How to comply with Chapter V of the GDPR when transferring data to third countries; and The implications of the NIS Directive (Directive on security of network and information systems) for Cloud providers. One of the most dramatic recent developments in computing has been the rapid adoption of Cloud applications. According to the 2018 Bitglass Cloud Adoption Report, more than 81% of organisations have now adopted the Cloud in some form, compared with only 24% in 2014. And there are no signs that this is slowing down. The GDPR was enforced on 25 May 2018, superseding the 1995 Data Protection Directive and all local implementations. Bringing data protection into the 21st century, the Regulation expands the rights of individuals, but also introduces new, stricter requirements for organisations. This pocket guide discusses the GDPR requirements relating to Cloud sourcing and the risks involved. With a view to helping managers ask the right questions, Data Protection and the Cloud explains how you can effectively manage the risks associated with the Cloud and meet regulatory requirements. This book discusses: The controller–processor relationship and what you should pay attention to; How to mitigate security risks in the Cloud to comply with Article 32 of the EU GDPR (General Data Protection Regulation); How to comply with Chapter V of the GDPR when transferring data to third countries; and The implications of the NIS Directive (Directive on security of network and information systems) for Cloud providers. One of the most dramatic recent developments in computing has been the rapid adoption of Cloud applications. According to the 2018 Bitglass Cloud Adoption Report, more than 81% of organisations have now adopted the Cloud in some form, compared with only 24% in 2014. And there are no signs that this is slowing down. The GDPR was enforced on 25 May 2018, superseding the 1995 Data Protection Directive and all local implementations. Bringing data protection into the 21st century, the Regulation expands the rights of individuals, but also introduces new, stricter requirements for organisations. This pocket guide discusses the GDPR requirements relating to Cloud sourcing and the risks involved. Supplemental material While most of the EU GDPR’s requirements are broadly unchanged in the UK GDPR, the context is quite different and will have knock-on effects. You may need to update contracts regarding EU–UK data transfers, incorporate standard contractual clauses into existing agreements, and update your policies, processes and procedural documentation as a result of these changes. We have published a supplement that sets out specific extra or amended information for this pocket guide. Click here to download the supplement. Buy today and learn how to meet your data protection obligations when using Cloud services.
Full Product Details
Author: Paul Ticher
Publisher: IT Governance Publishing
Imprint: IT Governance Publishing
Edition: Second
Dimensions:
Width: 9.50cm
, Height: 0.50cm
, Length: 16.50cm
Weight: 0.058kg
ISBN: 9781787780286
ISBN 10: 1787780287
Pages: 80
Publication Date: 06 November 2018
Audience:
Professional and scholarly
,
Professional & Vocational
Format: Paperback
Publisher's Status: Active
Availability: In Print
This item will be ordered in for you from one of our suppliers. Upon receipt, we will promptly dispatch it out to you. For in store availability, please contact us.
Reviews
This second edition provides a useful background on issues for cloud data privacy. It has been much updated and I liked the clear wording used to describe the Cloud implications of GDPR data subject rights and also storing data in the cloud, particularly in different parts of the world. The chapter on legal and contractual risks of cloud data privacy is extremely helpful. The requirement to ensure cloud security throughout the whole life of the data can be difficult and the advice given is very good. The additional considerations of BYOD are also clearly described. Some of the recommendations may seem obvious but in my experience they often get over looked. The checklist will also be useful to help ensure the completeness of items to include when establishing cloud arrangements for data that includes personal data.
Author Information
Paul Ticher has over 25 years’ experience in the voluntary and public sectors as an information worker and manager, and has served as board member, trustee or governor of various local and national bodies. His data protection experience goes back as far as the Data Protection Act of 1984.
