Is Your Data Safe with the Offshore Service Providers?

March 24, 2010, 4:17 pm

“Some of the service providers that I have visited have invested a lot of time, effort and money in data security. However, there is still a factor of risk associated with offshoring that will be overcome only with time”, according to a Managing Attorney from a New York based law firm in response to a query on whether buyers have adequate confidence in data security initiatives of offshore service providers.

In spite of the fact that India has enacted legislations such as the Information Technology Act, data may not always be tamper-proof. This is an area of concern for the buyers of outsourcing services as well as for service providers. With significant increase in offshoring, clients as well as service providers are realizing the need for security/privacy around data that is being processed at the offshore location.

Is data security and privacy a valid concern? The reality is that India, at present, does not have stringent data security/protection laws. Efforts are under way to change this scenario with the Indian government and apex bodies like NASSCOM coming up with various solutions to dispel fears of companies looking to outsource.

On the other hand, several preventative measures are put into place by leading offshore legal service providers themselves to deal with data security and privacy issues. Most of the leading offshore legal service providers comply with ISO 27001 – a global standard that covers all domains of security. Service providers including Mindcrest, Integreon, Pangea3, CPA Global and QuisLex have comprehensive security systems in place with certifications such as Safe Harbor Act, UK Data Protection (DPA) Act etc. These players are according greatest priority to security, and are at par with the companies in the US and UK in terms of data security. Some of the service providers also have security awareness programs that discuss the context of security in business and that of customers. This covers the consequences of breaking the security policy, confidentiality agreements, security policies and procedures, etc. However, the level of data security adhered by the larger players is not yet followed by the mid-size and smaller players. Unless other smaller providers gear up to provide this level of data security, the industry as a whole will find it difficult to gain the buyer confidence.

Last 5 posts by Neeraja

BPOs in the LPO industry? - May 26th, 2010
Larger and longer term contracts for the LPO industry? - May 18th, 2010
Indian law firms eye LPO business - May 12th, 2010
Bundled offerings in LPO - April 28th, 2010
Microsoft-Integreon deal adds fillip to the LPO momentum - April 13th, 2010

Tags: data security, legal, Legal outsourcing, LPO, offshoring, ValueNotes, vendors
Category: Legal outsourcing | Comment (RSS) | Trackback

http:mondexplegalsupportservices.yolasite.com Exequiel

With regard to the confidentiality and protection issue in documents for outsourcing, Philippines, I think is prepared for that. Right now, big law firms and publishing companies are now outsourcing to Philippines as the best option for India because of the ge government madr a corresponding legislations in view of boosting the business process outsourcing in their country.
http://www.contactcenterphilippines.net contact center philippines

Security and privacy of the company’s data is one of the risks in contracting with offshore service providers. It is important to know and choose the best and secured service provider before having a contract with that certain company. Thanks for sharing the idea. Nice blog.

The State of Sourcing