Our client was commencing an internal programme to centralise data from a number of international offices, and needed guidance on any jurisdictional regulations that might either prevent the transfer of data beyond jurisdictional boundaries or mandate specific controls that the client would need to implement.
Our consultants undertook a detailed research exercise to assess the cyber security requirements in place within each jurisdiction’s privacy regulations, relying on a combination of regulatory texts, guidance documents, legal and cyber security press interpretations and guidance from Mishcon de Reya contacts.
From these sources, we assembled guidance detailing the requirements identified, and mapped these requirements to the proposed data centralisation platform to specify the tools and settings that would be needed to meet the identified requirements.
Ultimately, our client was able to address all the identified requirements and demonstrate a suitable level of rigour around these to satisfy internal stakeholders with regards to the suitability of the solution being put forward.