Why data regulation should be at the core of your business

By: In: Compliance On: May 06, 2014

It’s easy to treat data protection as a secondary concern, something filed under N for nice to have. You may think it isn’t essential to your bottom line or your relationships with customers. As data regulations evolve, however, nothing could be further from the truth. The regulations governing data are local, sector-specific and, for businesses that trade in more than one country, international in nature. They are enforced, may involve fines and have an impact on your customers.

Important regulations:

The EU Data Protection Directive is the key piece of regulation that affects how you manage and store data. While most of the Directive focuses on individual rights and how businesses collect data on them, there is a key stipulation concerning data processing and transmission. The Directive is constantly under review and is subject to change.

Payment Card Industry Data Security Standard (PCI DSS) includes regulations for both conventional and online merchants who accept credit card payments. It is an international standard designed to ensure that credit card holders’ details are protected from fraud. It applies different degrees of stringency depending on the number of transactions a store completes each year.

Sarbanes-Oxley (SOX) affects international companies doing business in the US. Sarbanes-Oxley governs how and where you store your data as well as the protection of secure information and the retention of data for legal proceedings. Regular and in-depth audits help ensure enforcement.

Looking for guidance on data regulations and what role they play in your business? Our eBook, The Road to Know Where, provides information on regulations as well as transportation, storage and access. Get the eBook now.

About the author

Christian Toon

Christian Toon is a former Iron Mountain employee who now works closely with our business within his new role: Senior Cyber Security Expert at PwC UK. Christian's thought leadership in this space is well-acknowledged across the industry. Christian has obtained numerous industry-specific and recognised qualifications: he is a qualified Prince2 Practitioner and ISO/IEC 27001:2005 Lead Auditor, and also holds auditing qualifications with ISO 9001, ISO 18001 and 14001. Christian has also completed all the Information Assurance Levels from the National School of Government. Christian's application to the Institute of Information Security Professionals (IISP) is currently under review, along with a potential application to further his development with a Master's in Information Security.