Technology, software and internet-based programs now allow companies to sort and share their data in a sophisticated way in order to increase profits, gain new clients and create more opportunities. But new technologies also come with risks in the area of data storage, especially sensitive data.
We see potential risks in: (i) the possibility of unauthorized access to data saved in the cloud; and (ii) access to data within the company using “big data” technologies.
Liability of statutory body
Such unauthorized access to data may cause damage to the company. The responsibility for making decisions about using new data storage technologies, whether in fact provided by an IT specialist or CIO, always lies with the statutory body of the company.
Why should the statutory body always pay attention? In the case of insufficient data security the statutory body risks a breach of professional care.
It is very probable that the courts will apply their previous decisions regarding the breach of professional care and the duty of the statutory body relating to the security of data storage in the company. If the statutory body is aware of specific cyber threats or, even worse, if the company has already experienced an unauthorized intrusion, it is necessary to act quickly and reduce the risks of the possible liability of the statutory body. It is possible to ensure the company avoids damages while still being able to use the technology.
Issues to be considered in your company
Company using technology for storage sensitive data in the cloud or using “big data” technology needs to consider following issues and implement them within the company:
- Consider what can be done to reduce the risk related to security of company data storage;
- Identify measures that had been previously performed in improving the security of data storage and preventing possible breaches. If the measures have not been implemented, they should be implemented as soon as possible. If they have already been implemented, they should be restored or improved;
- Contractually regulate the liability of providers of cloud storage so that it is safe enough for the company regarding all the risks;
- Negotiate or increase the limit of insurance of data security protection that the company manages or handles.
Rentsch Legal Prague, Czech Republic firstname.lastname@example.org