The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

Next Year’s European Data Privacy Reforms Could Potentially Have a Significant Impact on Data Storage and Access

Share article

The UK government has this month issued a call for evidence on the current European data protection legislative framework, ahead of European-wide negotiations on an update of the European Data Protection Directive 95/46/EC due at the start of next year. Reforms could potentially have a significant impact on the data storage and access requirements for financial institutions and therefore entail a reworking of firms’ current data warehouses and EDM systems.

The UK’s call for evidence, which is open until 6 October 2010, is asking for general feedback on the current data privacy practices and recommendations for improvement. At the same time as this information gathering exercise, the government has also published a provisional post-implementation review impact assessment of the Data Protection Act 1998, on which it is also asking for comments.

The call for evidence has broken down the areas in which the government is seeking feedback upon into seven categories: definitions; data subjects’ rights; obligations of data controllers; powers and penalties of the Information Commissioner; the principles-based approach; exemptions under the Data Protection Act; and international transfers. In terms of impact, the move from a principles-based approach to a more prescriptive environment could potentially significantly alter financial institutions’ obligations and data management practices.

The politicians are keen to revise these requirements, however, as it has been 15 years since the European directive was passed and technology has moved on substantially since that time. The legislation will therefore need to take into account trends such as the storage of data in the cloud and mobile technology in order to better address data privacy risks posed by these technological innovations. The call for evidence notes: “It is important that any new legislative changes take into account the way technology is advancing, enabling it to be ‘future proofed’ as far as possible.”

Data managers will need to keep a close eye on developments, as they happen and feed back any recommendations to the relevant bodies in their jurisdictions in order to ensure data privacy requirements to not become overly prescriptive and difficult to navigate. The likelihood is that many new requirements will spring from the updated directive and these could mean extra security measures, but they could also mean the reworking of current EDM systems to separate different levels of data by the nature of its customer sensitivity.

Related content

WEBINAR

Recorded Webinar: How far should counterparty screening go? Balancing the ideal and the realistic

Counterparty screening is a regulatory requirement, but do you know enough about your clients’ clients, and beyond? How can you source this information and how does it benefit your business? How far do you need to dig into entity ownership structures? This webinar discusses these challenges and how they relate to your organisation, whether you’re...

BLOG

VIDEO: How To Determine The True Value of Data, with Rocky Martinez

The A-Team Group Data Management Summit is fast-approaching, and with a spotlight on how to improve operational efficiency and enhance revenue opportunities through data, identifying value is a key topic for 2020. We are delighted to welcome Rocky Martinez, Chief Technology Officer at SmartStream RDU, to give us a sneak peek into his keynote speech...

EVENT

Data Management Summit USA Virtual

Data Management Summit USA Virtual will explore how sell side and buy side financial institutions are navigating the global crisis and adapting their data strategies to manage in today’s new normal environment.

GUIDE

Entity Data Management Handbook – Sixth Edition

High-profile and punitive penalties handed out to large financial institutions for non-compliance with Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations have catapulted entity data management up the business agenda. So, too, have industry and government reports on the staggering sums of money laundered on a global basis. Less apparent, but equally important, are...