It’s the application economy: Do you know where your data is?

CA Technologies has been recognized for high level of achievement in data privacy.

CA Technologies secures high data privacy standard as businesses increasingly question how their personal information is secured in the face of rapid online services growth.

By Bonnie Yeomans


This week CA announced that it has been approved for the Binding Corporate Rules, a standard created by the European Union to facilitate global data flows.  We are immensely proud of all many years of work that went into this achievement that will pave the way for mutual recognition of our data protection practices across the EU.

In the application economy, virtually every interaction we have is online, making user trust paramount. That’s why there has never been a more important time for companies to demonstrate to their customers just how much they care about protecting personal data.

As the growth of online services continues to accelerate at a feverish pace, consumers and businesses often question how their personal information is treated and secured. National privacy laws abound and offer assurances to users that their data will be protected. As data flows across borders, so too must protections.

For global companies that manage and process data across the globe, a range of frameworks exist to ensure consumer privacy and security are protected. In Europe, privacy is a universal human right and the Data Protection Directive spells out baseline privacy protections that the 28 European Union member states have implemented in national laws.

Protecting EU citizens across the pond

Under the Data Protection Directive, personal information on EU citizens cannot be transferred out of the European Economic Area (EEA) unless commensurate levels of protection can be guaranteed.

Because of differences in US law, the US and EU negotiated a Safe Harbor Framework to provide a mechanism for US-based companies to certify that their data protection practices comport with the EU’s strict data protection requirements.

Giving customers the assurance and security they demand and deserve

More than 5,000 entities, including CA Technologies, have certified under the US-EU Safe harbor Framework. But consumers and customers are always interested in the greatest assurances possible.

Outside of the US-EU Safe Harbor Framework, companies can also attest to their data privacy practices via Binding Corporate Rules (BCRs). BCRs are a standard created by the European Union to facilitate global data flows.

They are designed to allow multinational companies to transfer personal data from the EEA to their affiliates located outside the EEA in compliance with the European data protection directive, which places strict limitations on such transfers.

CA’s BCRs means better data protection across the board

Since the roll out of BCRs in Europe, approximately 80 companies have moved forward through a stringent process to develop and gain approval from the EU for BCRs. Today, CA is one of only a small handful of technology companies that has achieved BCRs, and this step emphasizes our strong commitment to the protection of personal data in Europe and globally.

All CA operating entities have signed on to the requirements of the BCRs. Why does this matter?  Because CA customers, partners and employees can feel confident that their information is being handled the right way.

Trust is foundational in the application economy and CA takes its responsibilities to protect and safeguard personal information very seriously. By obtaining the approval of Data Protection Authorities in the European Union, CA has demonstrated that we comply with the high standards set out for protecting personal information that we process as part our business.

This means we will have an ongoing obligation to monitor compliance with our BCRs, which includes regular audits, employee training and awareness, and a continuing requirement to have adequate safeguards to protect personal data throughout our organization.


About the author: Bonnie Yeomans is assistant general counsel at CA Technologies, one of the largest independent global software providers.

CA Community is the blog manager’s account used to post general updates and news items.



Insights from the app driven world
Subscribe Now >
The Sociology of Software >How (Not) to Lie with Data Visualization >DevOps and Cloud Computing: Exploiting the Synergy for Business Advantage >