Why the new Russian “personal data protection” law is not a problem anymore?

Cheers to all businesses operating in Russia (and somehow available for Russian citizens to access) as the new federal “personal data protection” law #242-FZ came into force on September 1, 2015.

Here’s the sweet spot, it’s actually an update to its predecessor #152-FZ “On personal data” in the terms of its localisation requirements for personal data processing.

In order to set the record straight and explain the situation in plain words we should note the fact that #242-FZ localisation requirements apply to local as well as foreign companies and any legal entities doing business with Russians and handling personal data. In this context we’re talking about a limited number of personal data processing types that fall under #242-FZ.

“Personal data protection” law does not prohibit data transfer to foreign countries and allows:

further use;

distribution;

depersonalisation;

blocking and destroying of personal data with no localisation limitations.

Though it defines personal data processing types that are to be handled domestically:

recording;

systematisation;

accumulation;

storage;

specification (updating and amending);

and extracting personal data.

“Personal data” should be understood as any information directly or indirectly related to any identified or potentially identifiable person: first name and family name, date and place of birth, address and so on.

In short, this means using facilities (servers and data centres) located in Russia either owned or provided by third parties for Russian citizens’ personal data processing. Those who are willing to skip any further updates to their existing databases with personal data are free to operate outside the scope of localisation requirements that came into force.

Our solution

We have prepared for this one and you’re actually welcome to jump in. Our solution goes by the name IT-GRAD and we’re proud to offer our IaaS and SaaS (running since 2008). Our infrastructure is distributed across 5 data centres located in Russia and the EU. We understand what kind of legal thing is going on and have though through solutions ready for you to use.

In addition to cloud-based services we are always there to help our clients with their private cloud infrastructure, supply, installation and maintenance of NetApp data storage systems. We utilise such solutions as NetApp, Cisco, Dell, Juniper, guarantee the highest SLA in cloud services. Our company is the first VMware-based service provider in Russia with VSPP Enterprise status.

We are passionate about service quality and strive to maintain TIER III reliability rating across all our data centres: infrastructure support procedures are carried out in strict accordance with ITIL v3 methodology and ITSM/MOF practices. Utilising such solutions as VMware allows us to provide high level of security, reliability and accessibility for our clients.

Feel free to learn more about us and drop us an email: sales@it-grad.ru