Two weeks ago, certain territorial divisions of the Russian Data Protection Authority, Roskomnadzor, published their 2018 plans for conducting inspections of local companies’ compliance with Russian data privacy requirements, including with Russia’s data localization requirement. The inspection plans contain a number of prominent multi-national and Russian companies.
Within such inspections, Roskomnadzor assesses the compliance of the entity with Russian regulations on personal data (consents, policies, decrees, cross-border data transfers, data localization requirement, technical measures, etc.).
Companies operating in Russia can check the inspection plans in their respective regions (Central, North-West, Uralian, Siberian) to determine whether they or their affiliates are subject to audits in the upcoming year and get properly prepared. Plans for South, North Caucasian, Privolzhsky, and Far Eastern regions should be available soon as well.