How should data processing suppliers outside the EU be managed?
8 August 2017
How should organisations in countries that have to comply with GDPR deal with organisations in countries that don’t? Cyber security keynote speaker Edward Lucas explains.
Edward Lucas poses two questions for organisations to answer: how they look after the personally identifiable data (PID) in their organisation, and how they share PID with other organisations. Any organisation sharing data with suppliers or partners outside the EU will still be responsible for the security of that data. Some countries outside the EU such as Argentina are regarded as having adequate data security laws so transferring personal data to those countries is compliance risk free. But for other countries such as the USA organisations will need to make sure they take adequate steps to keep their data secure.
At The European Information Security Summit in London, expert speakers addressed 400 information security industry leaders as part of discussions on how to build an agile cyber security culture.
Would you like to build a robust incident response plan? Join our R3: Resilience, Response & Recovery conference, on September 26 in London.
R³: Resilience, Response & Recovery 2017 is the #1 conference focusing on post breach response plans, including forensic and legal requirements, communication strategies and top tips for a fast recovery.