Is your company’s strategic data safe and secured? Beware of the US Patriot Act intrusions into a non-protected Board Portal…
Implementing a Board portal and hosting the Board’s data outside the company allows an important cost reduction and an increase of effectiveness but it raises the issue of privacy and security.
Therefore the choice of the board portal provider is crucial for the security of your data! Indeed, if the provider is of US nationality, has links with the USA or stores the data in the cloud then your information may be at risk under the Patriot Act!
What is the US Patriot Act?
The Patriot Act is a U.S. law voted on October 26th 2001, following the attacks of September 11th and is part of the fight against terrorism. Patriot Act is an acronym for “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism”.
This law establishes new obligations for companies and the servers that host their data. With this law, the NSA and other national security services may have access to personal information on any person or company, with no judicial review and without them knowing. Therefore, the corporation ignores the data viewed, its use, conservation and the recipients of information.
Economic intelligence is the new weapon in global competition and this intrusion into confidential data might generate information leaks that could damage the company. Indeed, data including those of a sensitive nature may be exchanged at any time and from any place and thus, the information can fall into the hands of people not intended to receive it.
Protecting this information is even more critical for boards who deal with highly strategic information.
Are directors aware of this risk? Can they accept jeopardizing the company’s data?
Where can your data be safe?
Be well informed on the company who will store your data. As pointed out by the Treasury Board of Canada “If a supplier is chosen to manage personal information and part of its business, including subcontractors, is outside of Canada, the laws of the other country (or countries) can apply to the information stored or accessible electronically in the foreign country. If you hire a company in the United States or having links with the U.S, the USA PATRIOT Act could apply.”
Boards must pay attention to the choice of their board portal provider to protect their data and establish a relationship of trust with the new partner. If a Canadian solution is chosen for the protection of the data, all information is safe.
Indeed, the Government of Canada takes privacy issues very seriously, including concerns about the possible risks of foreign laws such as the US Patriot Act, for the protection of personal information.
Therefore, all information and documents stored on the servers of a Canadian business are safe in relation to the Patriot Act and confidentiality is ensured. The information exchanged is restricted to authenticated users and is protected from outside and State intrusion.