Gartner Says Organisations Need to Prepare for the Russian Personal Data Law

Privacy in Russia Is at the Peak of Gartner's 2015 Hype Cycle for Privacy

(PresseBox) ( Egham, )
Gartner, Inc. said that organisations need to prepare contingency plans for business processes and IT systems to store some or all data in Russia. In just over two weeks, Russia will implement a new personal data law (242-FZ Law) requiring that the personal data of Russian citizens be stored in Russia from 1st September 2015.

"By the same date, all companies processing personal data of Russian citizens in databases located outside Russia need to make their systems compliant with the new requirements," said Carsten Casper, managing vice president at Gartner. "We positioned this matter at the peak of this year's Gartner Hype Cycle for Privacy as this should be key priority for the chief data officer and the CIO."

This new law will have a major effect on Internet organisations, as well as online stores, online resources used for booking airline tickets and hotels, insurance companies and other organisations, as they will have to change the way they store information on Russian citizens.

A Gartner survey conducted in April 2015 across seven countries (US, UK, Canada, Brazil, India, Australia and Germany), which surveyed 357 large organisations (at least $50 million in revenue, a minimum of 100 employees), found that 37 per cent of respondents would like to obtain certification to comply with the new requirements - although such certification does not exist today. A third of surveyed organisations will appoint a local IT provider to manage data storage and processing, while 28 per cent will simply look to place a copy of the relevant data onto a local server in Russia.

While those three options will incur additional costs for organisations, they may be the most effective way to comply at such short notice. Others are planning to withdraw business from Russia (19 per cent) or expect to ignore the law until they are investigated by the local authorities (18 per cent).

"Although more clarifications are needed around the law, we advise companies that process Russian citizens' personal data to make their business executives aware of the upcoming legal and investment requirements," said Petr Gorodetskiy, senior research analyst at Gartner. "They also need to seek clarification from Russian authorities, where possible, and prepare plans for moving data (or data centres) to Russian soil or find alternative ways to mitigate this compliance risk."

About Gartner Security & Risk Management Summit 2015

Security and risk leaders must embrace new approaches to digital business while maintaining proven control architecture that mitigates enterprise risk for success. At the Summit, Gartner analysts will discuss the skills and strategies needed to maintain cost-effective security and risk management programmes in order to support digital business and drive enterprise success.
Für die oben stehenden Pressemitteilungen, das angezeigte Event bzw. das Stellenangebot sowie für das angezeigte Bild- und Tonmaterial ist allein der jeweils angegebene Herausgeber (siehe Firmeninfo bei Klick auf Bild/Meldungstitel oder Firmeninfo rechte Spalte) verantwortlich. Dieser ist in der Regel auch Urheber der Pressetexte sowie der angehängten Bild-, Ton- und Informationsmaterialien.
Die Nutzung von hier veröffentlichten Informationen zur Eigeninformation und redaktionellen Weiterverarbeitung ist in der Regel kostenfrei. Bitte klären Sie vor einer Weiterverwendung urheberrechtliche Fragen mit dem angegebenen Herausgeber. Bei Veröffentlichung senden Sie bitte ein Belegexemplar an