Investigating or responding to investigations can be complicated and challenging. But with a robust process and the correct team of professionals, the daunting task of securing data for an investigation can be brought under control.
A 2016 report by the Institute of Directors found in a survey that 59 per cent of businesses interviewed were outsourcing data storage but that 43 per cent of those surveyed were not aware of where their data was stored.
The GDPR requires organizations to diligently protect personal data and prove how they do it. Identifying data pertinent to an investigation is one thing; preserving it is yet another.
In light of the many and varied regulations and the onerous penalties for non-compliance, companies and their counsel conducting investigations that involve collecting data internationally should involve data privacy and transfer experts from the outset in any cross-jurisdictional investigations. It is also important to remain current with technology advances. Technology firms are continuing to push the envelope with new innovations being rolled out all the time and many (or even most) of which result in huge volumes of data – often sensitive and/or personal data – being handled and stored.
FRA’s Andrew Hunniford analyses in GIR the changes and effects of data privacy and its laws in 2017.
Andrew Hunniford, Director