iQoncept - Fotolia

CIF updates Code of Conduct to cover GDPR

The Cloud Industry Forum is extending its transparency and honesty approach to cover GDPR

The Cloud Industry Forum (CIF) has moved to try and deal with the confusion caused by the GDPR data compliance regulations.

The GDPR measures are due to come into force May next year but there is widespread confusion about exactly what it will mean for customers with a degree of vagueness about exactly what steps will need to be taken to prove compliance.

That degree of vagueness is leading to some misselling of solutions that are far from being the silver bullet and the CIF has updated its Code of Practice to include some specific guidelines for cloud service providers.

“The GDPR is a considerable piece of legislation that will leave no space for companies to hide, especially if they don’t take data security seriously. A failure to demonstrate compliance with the GDPR can result in organisations receiving massive punitive fines which, aside from damaging their reputation, could potentially put them out of business. It is therefore vital that these organisations have the appropriate skills and knowledge in place," said Alex Hilton, CEO of CIF.

“It’s incumbent on CSPs to be able to demonstrate they have the required capabilities. However, in many ways the GDPR is an abstract and non-prescriptive piece of legislation and the absence of a concrete standard makes it difficult for certain companies to be sure that what they have put in place is compliant," he added.

It is not only the channel that still has some work to do on the GDPR front with many customers still yet to start preparing for the data legislation.

Research from NetApp last month showed that the SME community was lagging behind larger enterprises in getting prepared for the data protection regulations.

The storage firm found that a quarter of UK firms with 100-250 staff had not made any preparations, which compared to just 11% of enterprises with above 500 employees.

Larger customers are much further down the road to being ready, with 34% telling NetApp that they were completely prepared. Only 19% of smaller firms were in that position, leaving the vast majority of the market looking for some more guidance.

Read more on Cloud Computing Standards