Data protection laws are major challenge, says Pitney Bowes

Compliance with data...

Compliance with data protection laws is one of the biggest challenges facing multinational companies because of inconsistencies in legal frameworks around the world, says mail management company Pitney Bowes.

The company has taken three years to develop a global risk management programme to deal with the differences and conflicts between data protection laws in about 30 countries.

Andy Harper, vice-president risk management, said Pitney Bowes tracks compliance of all its offices with local and international data protection laws, as well as regulations on finance, business continuity, health and safety and insurance.

"This is an extremely difficult and expensive exercise, but it has to be done because any failure to comply with data regulations can have a significantly detrimental effect," he said.

Harper will tell next week's annual international data protection conference in Cambridge, hosted by consultancyPrivacy Laws & Business, that good governance structures are the key to success.

"Having these structures in place is the only way of being sure management is aware of their responsibilities and that these responsibilities are being met," he added.

Pitney Bowes has a comprehensive set of local, regional and international governance groups to train and monitor staff, including a data protection officer for each country.

The officers advise the company's US-based IT administration department, which centrally manages the IT systems and IT-related codes of practice aimed at protecting data.

"I would appeal to international regulators to work towards achieving a greater consistency between data protection laws to make compliance easier for multinational companies," said Harper.

He suggested it would be useful, for example, if companies could submit one data protection compliance strategy document that would be accepted by across Europe without having to go through the approval process with every country in the region.

Read more on IT risk management