Data Residency Legislation
August 10, 2015 1:25 PM

I am trying to compile any legislation that specifies where and how (geographically speaking) organizations may store data. Where can I find some? What should I search for?

I've found this to be quite easy to find in Canada, and have found, for instance, PIPEDA and BC's FoIPPA legislation. However, in the US--probably because there is simply more law to deal with--I am having some trouble narrowing things down.

I am interested in federal and state (especially California) legislation that addresses where organizations may store data collected about citizens. I suspect, but can't yet confirm, that most of this law pertains to public bodies or organizations working on behalf of public bodies.

I'm also after any regulations or legislation that specifies organizations' obligations around the care of that data (in terms of preventing unauthorized access, etc).

I'm not especially concerned with legislation specific to healthcare or payment card information; mostly, this would be along the lines of market research data.

Thanks!
posted by synecdoche to Computers & Internet (4 answers total) 2 users marked this as a favorite
 
Best answer: When I was in a position where I needed to know about data privacy laws, I found previous editions of this roundup from Baker Hostetler (caveat: they are a law firm, and want you to hire them) to be helpful.
posted by sparklemotion at 1:41 PM on August 10, 2015 [1 favorite]


Best answer: Hi, I am a lawyer specializing in online Privacy and Security, but I'm not your lawyer, etc.

There is no general US or state law pertaining to data localization (which is the fancy term for what you are describing re: geographic restrictions on storage of data). US organizations are free to store data where they please (with a possible exception for "secret" or "classified" government data, but I don't deal with that sort of thing).

Healthcare data is covered by HIPAA and payment card information is covered by PCI DSS.

In addition to what sparklemotion provided, the Baker McKenzie Privacy Handbook is a great resource. The 2013 version is online.

I'm also happy to answer questions you may have, here or by private message.
posted by falconred at 2:12 PM on August 10, 2015 [2 favorites]


I bet if you go to service providers that offer region-constrained hosting (like Amazon GovCloud), they probably talk a lot about data residency laws and compliance.
posted by ryanrs at 3:42 PM on August 10, 2015


Synecdoche, sent you memail about this.
posted by kovacs at 8:03 PM on August 10, 2015 [1 favorite]

