Print

Print


Karyn:
The safeharbor website has a number of links to information on working
with other countries under the safeharbor directive.
http://www.export.gov/safeharbor/SafeHarborInfo.htm
In particular you might want to check the various links on the EU data
privacy site at:
http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm


Ginny Jones
(Virginia A. Jones, CRM, FAI)
Records Manager
Information Technology Division
Newport News Dept. of Public Utilities
Newport News, VA
[log in to unmask]
-----Original Message-----
From: Records Management Program [mailto:[log in to unmask]] On
Behalf Of Karyn Palanzo
Sent: Wednesday, March 11, 2009 11:57 AM
To: [log in to unmask]
Subject: [RM] safe harbor certication - international data stores?

I work for an international corporation who does business globally. I
know 
there are many privacy laws (including the EU Privacy directive)
governing 
records and information, how the information is to be protected, whether

it can be stored outside the country of origin and if it can be stored 
outside the country what protective actions must be in place. I know it
is 
not easy and I believe in some cases impossible to bring information
over 
the pond. 

We have servers for email and data storage in the appropriate 
international locations. I have been asked to do some research to 
determine if it was possible to move the data stores to the US. I have 
been reading information concerning Safe Harbor on www.export.gov and I 
have also searched the listserv for information as well as the Internet.


In reading the material I have found, there appears to be a lot of 
information concerning protection of consumer information and Human 
Resources information but I cannot get a clear sense that if we apply
for 
the safe harbor certificate whether we can really move our European data

stores including email to the States.

I wonder what other international companies have done in this area. If 
anyone is storing their email and data in the States, what steps did
your 
company have to follow in order to accomplish the task? Did you apply
for 
the safe harbor certificate or were there other steps that you followed 
such as employing internal controls for accessing the data?

Any thoughts, guidance and information would be appreciated.

Thank you in advance.

Karyn Palanzo, CRM, ecmm
[log in to unmask]
203-573-2046

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already
present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of
the message.
mailto:[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]