LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	Records Management Program <[log in to unmask]>
Date:	Wed, 13 Apr 2016 12:48:49 -0400
Reply-To:	Records Management Program <[log in to unmask]>
Subject:	Re: Regulations for PII/PCI
MIME-Version:	1.0
Content-Transfer-Encoding:	8bit
In-Reply-To:	<[log in to unmask]>
Content-Type:	text/plain; charset=UTF-8
From:	Bruce White <[log in to unmask]>
Parts/Attachments:	text/plain (72 lines)

Deb,

Here is a link to the PCI Securty Standards Committee's document
library that covers the Cloud.
https://www.pcisecuritystandards.org/pdfs/PCI_DSS_v2_Cloud_Guidelines.pdf.
Just a quick review indicates you can but must follow certain
protocols.

And yes the EU has strong privacy regulations much more than the US.
Until a few months ago the EU and US had what is know as "Safe Harbor"
which  allowed US companies to move information back and forth across
the Atlantic.  That was struct down last October and both the
Europeans and US have been working on a "Privacy Shield" to replace
it.  Within the past couple of days I've seen reports that the Shield
may be in trouble.  From what I understand is that without an
agreement in place the rules are that EU personal data must stay
within the EU.

This issue is a moving target.  My suggestion is to contact a privacy
lawyer or law firm that understands the EU privacy environment.  .

My thoughts my own...

Bruce White, CRM, PMP
Radnor, PA
e-mail: [log in to unmask]
LinkedIn:  http://www.linkedin.com/in/bblanco

On Wed, Apr 13, 2016 at 12:17 PM, DEBI TADD <[log in to unmask]> wrote:
> Our CIO is under the impression that PII and PCI can not be maintained in
> the cloud.  The research we have conducted so far, talks a lot about the
> security that must surround this type of data, but nothing about where is
> can and can't be stored.
>
> Has anyone had any experience with a regulation that contradicts this?  Is
> there a European regulation that governs where data can be stored?
>
> Any and all feedback is welcome.
>
>
> *BBVA Compass *
>
> *Debi Tadd*
> *Information Lifecycle Management, AVP*
>
> Let us know how we are doing.  Click HERE to take a short survey.
> <https://docs.google.com/a/bbva.com/forms/d/1g5Dipwqlg-GeonH7noDFuEYYHfUBDi7aZd7TnyhvvNg/viewform>
>
> Tel. 512-453-4272 - Fax 512-836-4201 - Mobile 512-284-2035 –
> [log in to unmask] <[log in to unmask]>
> *North Austin* – 10711 Burnet Road, Suite 100, Austin, TX  78758
> TX-AU-NA-DRS
>
> *Connect with BBVA Compass  *Find us on Facebook
> <http://www.facebook.com/bbvacompass>   Follow us on Twitter
> <http://twitter.com/bbvacompass>
> Before you print this message please consider the environment. Antes de
> imprimir este mensaje, por favor considera el medio ambiente.
> BBVA Compass is a trade name of Compass Bank, a member of the BBVA Group.
> Compass Bank, Member FDIC.
>
> List archives at http://lists.ufl.edu/archives/recmgmt-l.html
> Contact [log in to unmask] for assistance
> To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
> mailto:[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US