The General Data Protection Regulation (GDPR) is the most fundamental change to our data protection laws in over 20 years and, unsurprisingly, it continues to be on everyone’s mind as we move into 2018 and towards 25 May when it comes into effect.
Now the most pressing concern is to ensure that we as individual operators, and as a sector at large, understand the implications of GDPR and comply with its legislative requirements. However, there is still confusion among data centre operators who struggle to understand whether and how it applies to them. While pretty much all companies are data controllers of some kind, not all are data processors for third parties, so it was important to clarify the types of operations deemed to be data processing and where they occur in the data centre service stack.
We have therefore produced this Decision Tree on GDPR for Data Centres that helps them navigate through the definitions and obligations and understand how they are likely to apply. Members can download the document below.