Late this week I flew to Scottsdale, Arizona to participate in another very solid CDM Media CIO event, entitled the “CIO Cloud Summit.” While I will draft a separate research communication summarizing some of the key takeaways from this event, I had a interesting side conservation with one of the delegates – Drew Simonis (Information Security Officer at Willis Holdings – one of the largest insurance brokers globally) – who was kind enough to share some links to a leaked set of draft EU documents that will eventually help shape where EU data privacy law will go over the next three years, as the EU puts in place a new set of regulations to standardize what is today a wide range (and often chaotic set) of country-specific policies and practices.

Recently we published a premium research deliverable in our CRS-Base subscription service (“A Brief Look at Data Privacy Concerns and Enterprise Cloud Migration,” – if not a Saugatuck subscriber, click here to purchase and download) that details some of the issues. This was a follow-up to a business trip to Germany that I took in late October, where I had the opportunity to meet with a number of IT leaders in the metro Frankfurt area, including the CIO of R+V Versicherungen (huge Insurance provider), the CTO of HZD (service provider for State of Hessen), and a VP and CIO at Deutsche Bank AG (retail division) – as well as senior business and technology leaders at T-Systems and Software AG.

While each meeting had its own focus and rhythm, what they all shared in common was a discussion around how best to navigate the current EU- and Germany-specific data privacy laws (detailed in the Saugatuck Strategic Perspective noted above). Following our return, Olaf Schnapauff, Director of Enterprise Architecture at T-Systems, along with some of his colleagues, was kind enough to help us better understand some of the intricacies and history in these regards via a conference call.

We encourage our readers to read the following article posted on 06Dec2011 that summarizes some of the new legal framework vis-à-vis protection of personal data in the European Economic area, that will ultimately drive new EU-wide regulation by 2014 (after public comment and updates):

http://www.itlawgroup.com/resources/articles/229-proposed-data-protection-regulation-unveiled-by-eu-commission.html

For those who want to dig deeper, here’s another interesting link to read that provides insight and analysis of the proposed regulations, as published earlier today by the UK-based Register:

http://www.theregister.co.uk/2011/12/09/draft_data_protection_leak_unlikely_to_be_enacted_in_current_form/

While we still have several years to go before we will ultimately see a European-wide set of data privacy standards – as there are a number of important issues that need to be fleshed out and evolved (including revenue-based penalties, which appear overly harsh in my opinion) – clearly this is a step in the right direction to help ensure that the EU continues to remain competitive as we march forward in a Cloud-enabled global economy. 

This blog originally appeared at Saugatuck Lens360.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access