While there are not necessarily strict laws preventing an organization from storing their data outside of the country they reside, provinces, states, and cities are beginning to put standards in place regarding the privacy of their citizen’s data. For example, while Canada does not have Federal laws regarding the storage of citizen data some provinces have created their laws. British Columbia and Nova Scotia require all public sector data to reside in Canada, while Ontario mandates that healthcare information must remain in Canada.
Like Canada, Australia has also seen an increase in regulations outlining the requirements around keeping data within their borders. In 2014 Australia made some major changes to the Australian Privacy Principles regarding the collection, storage, and use of personal information and cross-border disclosure of personal data. Europe has also increased its guidelines around the collection and storage of personal information gathered by companies with their new GDPR standard. While GDPR does not specifically state data residency rules it is encouraged to keep all data within Europe, the EU Court of Justice has just announced the invalidation of the Privacy Shield between the US and the EU. With this news coming to light in July of 2020 organizations could see a change to how and where their data can be stored. With all this in mind, HostedPCI is now providing companies with the ability to choose where their data is being stored.