Offshoring and Data privacy challenges
Corrystone Global Partners
Came across an interesting article on a blog on offshoring and data privacy challenges (LINK). The article talks about how potentially an offshoring and outsourcing engagement may help reduce risk by improving internal controls within the organization. It is an interesting perspective specially coming from an IT security professional within a large corporate (UBS).
The point which the article makes is actually an interesting one and I believe applies to other realms within the corporate world which organization take for granted but never really look at critically. Be it a perceived increase in risk, an argument by naysayers to look at outsourcing critically or requirements by regulators an outsourcing due diligence and transition does prompt corporates to have a hard look at their existing data privacy and security policies and procedures. Many during that process find that there is a scope of improving these internally and provide additional controls to manage offshore or outsource vendors.
Data Privacy groups within large corporate have to be deal with a multitude of moving parts, local regulatory restrictions, global regulators, IT systems constantly changing and pressure to reduce cost. Adding the dimension of outsourcing processes or IT adds to the complexity. If managed correctly data privacy teams can create a global frameworks to work well within the organization or with third party vendors. We have done work with data privacy groups within larger organization and find that although it is a laborious exercise to create or validate an outsourcing data privacy framework but it pays off in the end.
What organization also find is that this is not a start of the project initiative but needs to be constantly monitored and modified to meet the need of the businesses.
A challenge which companies also have to deal with during outsourcing initiatives is that there might be additional controls needed to manage data risks but if the controls put are too stringent and require a burdensome process to be put in place, you may lose the cost and operational efficiency benefits of offshoring.
Offshoring does not make the data privacy challenges your organization faces easier but can help you improve your internal process if done correctly.
Related Posts
You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.
