Ads by TechWords

See your link here
Receive the latest technology news and information.
IT Management
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Offshore ops to get stronger privacy lock

U.S. firms outsourcing work to India welcome data protection act

June 2, 2003 12:00 PM ET

Computerworld - India's Ministry of Information Technology and the country's main software trade association are drafting a data protection act designed to allay growing privacy concerns in the U.S. and Europe related to offshore outsourcing.

The legislation, expected to be enacted around the beginning of next year, would provide legal safeguards to ensure data privacy protection in India, said Kiran Karnik, president of the National Association of Software and Service Companies, known as Nasscom, in New Delhi.


The new rules are being drafted primarily to address the European Union's strict privacy requirements, Karnik said. EU laws prohibit companies from exporting data to or storing data in countries that lack privacy safeguards comparable to the EU's. "The EU has very stringent laws with regard to data privacy. We are trying to make sure we have a law that meets their minimum requirements," Karnik said.


At the same time, a tougher data privacy law in India stands to benefit U.S companies that have hired Indian firms to process jobs involving personal data.


"We see this as making it easier for us to do business there," said Karen Allen, vice president of risk management at Exult Inc., a business process outsourcer for Fortune 500 companies that last week opened a data center in Mumbai. The company is one in a growing number of U.S. corporations that process personal information on U.S. individuals at offshore locations. Such information often includes Social Security and driver's license numbers as well as confidential data such as individuals' employment or medical histories.


Currently there are no U.S. laws that prohibit that data from being shipped to or accessed from other countries. But companies are increasingly being required to comply with industry-specific and state laws such as the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act and California's pending SB 1386 identity-protection law. U.S. companies must comply with those laws regardless of where the data is processed or stored, legal experts said.


"There are no significant differences [in] a company's privacy obligations, [whether it's] conducting an offshore arrangement [or] a domestic one," said Christopher Ford, a partner at law firm Alston & Bird LLP in Washington.


Consequently, it's important for companies to consider a country's data privacy laws when contracting with offshore firms, said Greg Scheuman, chief technology officer at Mercury Insurance Group in Brea, Calif.


The need to comply with Gramm-Leach-Bliley and California's SB 1386, which goes into effect July 1, has made privacy standards at Mercury "very significantly different from even a year ago," Scheuman said. India's initiative is therefore a positive one for Mercury, which outsources some development and maintenance work there, he said.




Jump to comments

Outsourcing

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.


IT Jobs