Do you really want to share?

For service companies that provide data processing services, whether SaaS or not the focus on control over the management and processing of personal data in all its forms gives pause for thought. It's true that any company that handles European data specifically will have tidied their data protection statements, identified where their data is and how its access is controlled and might even be able to provide the greater detail on subject access requests in a timely manner. Data sharing though between two Data Controllers is problematic so perhaps its worth looking at it another way.

There are already suppliers of Safe Data Rooms, secure Drop Boxes if you like, and they're currently used for Dealing Room transfers, M&A data, litigation data and such; but there's a hole for something similar for data analytics, data processing. The service is SaaS but the data doesn't leave the client/user's control. I can imagine some horrendous implementations, multiple shared areas on various Drive products, or umm Sharepoint but really this needs a properly integrated file system. Something a little smarter than NFS, that includes invisible but secure audit of access and maintenance of provenance.

I'm not aware of anything which quite covers this. 

(c) 2017, 2018 G30 Consultants Ltd
All other trademarks and copyright recognised.