Home' micenet eMag : micenet October 2016 Contents LEGAL ISSUES | MATTHEW CROUCH
f you are like me and pre-date the ‘90s
(ok, maybe a bit of an understatement), do
you (like me), marvel at the information
technology revolution that has occurred in
our business and personal lives?
In the “old days” business information was
kept in hard copy – paper files that needed to
be kept in expensive physical storage. The big
risk was fire – or if your information was truly
valuable – theft. In the law firm where I began
my career, we had a “fire-resistant” strongroom
for keeping clients’ valuable documents. The
rent for such space cost a fortune!
Now, of course, data is stored
electronically. Some businesses store their
own data on computer servers – sometimes
on, sometimes off the main trading premises.
Increasingly, others store it with service-
providers in the “cloud”.
How dependent have we become in such a
short time on these devices and services that
make information available and store it for us?
Businesses in the event management,
conference and travel sectors, where mobility
is a hallmark, have embraced this approach
Undeniably, cloud-based data storage has
some amazing benefits. Data can be
accessed with relative speed and in
convenient format at our desks. Businesses
do not have to spend money on expensive
computers and their maintenance. Set-up
and ongoing infrastructure costs are low.
But there are risks too. The main risk is, of
course, that your data is in the hands of
Often data storage for a business is
WHO CONTROLS YOUR
handled by the internet service provider (ISP) that provides the business with internet and email
service and capacity. The same ISP will often host your website.
That is, of course, an enormous responsibility. What would happen to your business if,
suddenly, you were unable to access any of your customer/supplier information?
Many businesses enter into external hosting arrangements for storage and access to their
data without asking or understanding a number of really important questions. I recommend that
you ask your service provider at least the following:
• What back-up arrangements does the service provider have to ensure that if its technology
fails, data is not lost and can be made accessible again quickly? Does the service provider
back up all information and store it on a separate system? How quickly would the information
be made available again in the event of a problem with the primary system?
• What security precautions does the service provider employ to ensure that your data is secure
from hacking and from computer virus or other malicious code? The provider may not give details
(for security reasons!) but some assurance that appropriate measures are being taken is essential.
• What confidentiality and privacy promises does the service provider make? If your business
stores the confidential or private information of your customers, does the service provider
agree to keep it confidential and private?
• Does the service provider actually store and manage the data you entrust itself or does it, as
some do, outsource that function to a third party? If so, who is that third party and what
promises does it make about back-up, security, confidentiality and privacy?
• What rights does the service provider have to deny you access to your own data? What if you
were in dispute with the service provider - say, over fees, because the system was “down” a
lot and you did not consider they should be paid? I recommend including a “hell-or-high-
water” clause in the contract providing that irrespective of any dispute, you can always have
access to your data. And what if there is a sub-contractor? Can the sub-contractor ever
simply switch off the system?
• What will the service provider do to assist you if you decide to move to an alternative
provider? I have seen this happen many times – a client is dissatisfied with the service it’s
getting and wants to move, but there is no incentive for the provider to help. Getting
assistance with transition can be difficult, especially if you and the provider disagree about
what the provider is owed.
As always, the contract is the key. Many businesses focus on the price and the sexy features
of the platform offered and ignore these critical issues altogether. One other risk needs to be
mentioned – the possibility that the service provider goes broke and either closes its doors or
enters into some form of insolvency administration. If that happens, there is no guarantee you
will ever get your data back. Some form of back up can be a life-saver. m
Matthew Crouch can be contacted via email on firstname.lastname@example.org.
Matthew Crouch argues on the importance of managing your business data.
micenet | 35
Links Archive micenet August 2016 micenet December 2016 Navigation Previous Page Next Page