India is among the few countries that are not considered data secure by the EU. Now New Delhi has asked European Union to lift restrictions on flow of sophisticated outsourcing business to India by designating it as a data secure country.
The lack of ‘Data Secure Nation’ status form EU prevents flow of sensitive data, such as patient information for telemedicine, to the country. The existing data protection laws in the EU allow such information to only flow into a country that has been designated as being data secure. The issue has been taken up by New Delhi in the bilateral free trade agreement, which includes an extensive chapter on free flow of services.
The EU Data Protection Directive requires member countries to ban transfer of personal data to a non-EU country unless the nation ensures adequate privacy protection.
There is an exception to the directive that allows outsourcing to non-data secure countries by adhering to standard contractual clauses that place strict obligations on both parties to ensure privacy of data, but these are onerous and considered as disincentive for business.
Globally, about 42 percent of IT spending comes from Europe, Middle East and Asia. Lifting of data flow restrictions can boost trade manifold for India’s $100-billion IT-BPO industry, 30 percent of whose exports are to the European market. As of now much of the business process outsourcing (BPO) work coming to India from EU is low-end, data processing work.
However, the level of work being outsourced from the US is high end, which includes clinical trials, legal documents and drug discovery, and credit and equity analytics.