Data Privacy & Security

Foreign countries can have a vastly differing risk exposure when it comes to information protection, data privacy and security. Since legislation and regulation vary from country to country, it is a mandatory task for managers to study the security environment of their proposed offshoring location country (Ramanujan / Sandhya 2006, p. 52) While “laws pertaining to copyright, digital signature hacking and privacy already exist in more than 20 countries (15 countries in European Union)” (Ramanujan / Sandhya 2006, p. 52), enforcement of these laws is not effective everywhere, for example in countries like China and the Philippines.

A very big risk factor in this respect is that employees in offshore locations have access to valuable, sensitive and often confidential data, not only including credit card numbers and social security numbers, but also to a company’s intangible assets and secrets (Ramanujan / Sandhya 2006, p. 52f). This information may be misused for corporate espionage, unfair competition, white-collar criminal activity and terrorism.” (Ramanujan / Sandhya 2006, p. 53) As of today, there is no international law on data security. Therefore outsourcing companies and outsourcing vendors should work together in order to identify possible risks and consequently define a framework for information protection (Ramanujan / Sandhya 2006, p. 53).

“Understanding the relationship between business, security, intellectual property and privacy is essential for companies that outsource / offshore in effectively managing business risks associated with corporate and individual privacy.” (Ramanujan / Sandhya 2006, p. 53)