Understanding data residency regulations for cloud systems and why it is vital for compliance to personal data privacy laws.
Compliance with Personal Data Privacy Regulations is a non-negotiable requirement for schools. This is why it is important for your school to ensure that your cloud based systems comply with Data Privacy Laws. Breaching your data privacy obligations may not only leave your school open to significant financial penalties, it also exposes your school to serious reputational damage.
For this blog we will focus on Australian schools and compliance with Australian laws however there are similar responsibilities for data residency that schools from other countries must consider when using cloud based data storage.
This Act regulates the handling of personal information about individuals. This includes the collection, use, storage and disclosure of personal information, plus access to and correction of that information.
This Act came into effect in March 2014 and it introduced many changes to the original Privacy Act. It included a set of new principles that cover the processing of personal information by government agencies and private business. The new principles are jointly called the Australian Privacy Principles (APPs).
In the context of cloud data storage, Australian Government Agencies and private businesses dealing with personal information are subject to APP8 (Cross-border disclosure of personal information). This regulates the disclosure and transfer of personal information offshore (to non-Australian Territories).
Before permitting the movement of personal data offshore, an Australian Government Agency or private business must take reasonable steps to ensure that the overseas recipient will comply with/not breach the APPs.
Your liability cannot be transferred. Your school remains liable for any breach at all times.
REACH guarantees that all cloud data storage for Australian schools is stored only in Australia. In addition, all backup data for Australian schools is stored only in Australia. This is recognised best practice which eliminates the risk and exposure to unforeseen liability which is associated with APP8 when personal private data is not stored in Australia.
The post Why cloud data residency matters for your compliance to data privacy laws. first appeard on REACH Boarding School Software