GDPR goes into effect on May 25. “Are you prepared? Are you GDPR-compliant? Are you ready?”

When the European Union announced its intention to expand regulations of its existing data privacy laws over 2 years ago, U.S. businesses focused on what would be their burden of compliance and how it would impact their level of liability. At the time, the GDPR (General Data Protection Regulation) was an unprecedented enforcement expansion by a major global economy government on businesses outside their borders. Experts and consultants pored through the several hundred pages of regulations and articles and came to a core consensus that any entity that handles the personal data of EU nationals and individuals would be impacted even if they’re physically and legally outside the EU. At the beginning, the focus was mostly on how the EU authorities would view GDPR and data privacy compliance.

Flash forward to now and the questions U.S. businesses are now asking themselves are not just what the EU authority expects but their customers. Equifax and Facebook’s recent missteps in handling personal data have made average users painfully aware of how vulnerable their personal information is to misuse and exploitation.

Whether GDPR directly and legally applies to your specific business or legal practice may come down to the finer details of the GDRP regulations. How large is the personal data you’re handling? What type of personal data and how private is it? And to what purpose is the personal data used?

If you’re an INSZoom customer, it’s likely you’re using your client’s personal data towards a mutual agreed purpose related to immigration, global mobility or travel. These types of data transactions don’t seem to be of critical concern for the EU authority and their GDPR because of the specifics, narrowness in scope, transparency and consent of use regarding the data transaction. Though the collected personal information is private, sensitive and non-public (e.g. racial or ethnic origins, financial, legal, etc.), it is not used towards the behavior monitoring or massive data analytics which have been the subject of such public scrutiny, criticism and lawsuits.

Given the current state of privacy awareness we enter, it should not come as a surprise that many of our customers are using the May 25th deadline not only as a GDPR compliance date but also as a blanket data privacy readiness for all its users instead of just EU users. It would not be the first time that a new regulation has impact outside its original objective. It’s probable that we are entering a new normal and level of expectation baseline in what is required for data security and privacy.

Regardless of the size of your GDPR footprint, INSZoom is well positioned to provide the technology, structure and support needed. We’ve been following ‘Privacy By Design’ practice since the beginning in 1999. INSZoom possesses ISO/IEC 27001 certification and all data collected is formatted in a 256 bit Encrypted SQL Database. Technology experts have found that data security best practice under the ISO 27001 framework meets much of what GDPR requires under its article including “technology and security measures” such as:

  • ISO 27001 mandates the listing of all relevant statutory, legislative, contractual, and regulatory requirements.
  • Risk assessment requirements of the ISO 27001 mandates the implementation of a Data Protection Impact Assessment and undertaking an evaluation of privacy risks.
  • Asset management requisites of the ISO 27001 include personal data as a valuable information security asset which must define which personal data are involved in your operations, its origins, where to store it, for how long, and who will have access to these including any applicable supplier and storage relationships.
  • ISO 27001 dictates systems acquisitions, development, and maintenance, which requires data security as an integral component of information systems throughout its lifecycle.
  • Breach notification strictures under the ISO 27001 entail an efficient and consistent method to deal with data security to notify authorities within 72 hours after the discovery of a personal data breach.
  • ISO 27001 uses risk assessments to identify the necessary controls regarding risk management, data protection impact assessments, and mitigation to the risks regarding rights and freedoms of data subjects.

In addition, INSZoom application has committed itself to respecting and promoting the data rights the GDPR has outlined for all our customers by affirming the following:

  • No controller or data subject personal data is subject to cross border data flows outside the U.S. especially in the EU. All data is stored at our hosted servers with Amazon Web Services in North America (U.S. for our U.S. clients and Canada for Canadian clients) which has military level security.
  • No controller or data subject personal data is shared with any unauthorized third party including contractors or outside entities such as credit, consumer or marketing entities.
  • INSZoom will process our customer’s data for the sole purpose of providing the services according to their instructions and hosting and service agreements
  • INSZoom will implement and maintain technical and organizational measures to ensure a level of security appropriate to the risk as set out by the GDPR and related regulations
  • INSZoom will inform our customers without undue delay of requests from their Data Subjects exercising their Data Subject rights addressed directly to INSZoom regarding our customer’s personal data
  • INSZoom will maintain and commit themselves to our customer’s confidentiality and not process such personal data for any other purposes, except on instructions or unless required by applicable law.
  • INSZoom will make every good faith effort to assist and cooperate with our customer’s reasonable requests for GDPR related assistance regarding Information, Audit, Return/Deletion, Processing, Assistance and Records requests.

We’re proud to declare that all our subscription plans meet the GDPR readiness outlined above in addition to the tools and features below which provide additional support to meet your customer’s GDPR expectations:

  • E-Consent Module allows you to capture and store a clear and authorized consent from the user to use their data towards the agreed immigration or mobility action.
  • Adhoc Reports to track your data user population based on what information and audits you need to collect and maintain
  • HR and Global Vendor Portals to better work with your business partners who directly oversee their employees – the impacted data users
  • FN Portals to allow the data user to exercise their ability to handle their own data per their needs for GDPR and beyond
  • Multifactor Authentication for additional security and technology measures
  • Knowledge Base. Alerts and Compliance Management for custom configurations to better organize and maintain your client data users

INSZoom as a SaaS solution has always stayed ahead and adapted to industry changes. We are committed to provide the best solutions by listening to our customers, innovating and adapting to the ever-changing immigration industry.

A few days ago, President Barack Obama voiced his full support for comprehensive immigration reform. The old system is “out of date and badly broken,” the president said at a high school in Las Vegas on Tuesday. A new one is needed.

This status, this broken nature of U.S. immigration policy, is well known by those of us who live and breathe in the industries of immigration and global mobility. We see it every day and we plan our business strategies around this broken system.

It’s a relief to hear President Obama strongly support immigration reform. In the business world, we’re ready for a fresh look at how immigration in its entirety is managed. This includes traditional work visas like the H-1B and L-1 visas, but it also includes how we manage student visas and the path to permanent residency and citizenship. Throughout history, immigrants have been the life and blood of innovation in the United States and the policies of immigration are either in the way of progress or support it.

We choose to support progress and we build technology solutions whose primary goals are to support progress. For over a decade, INSZoom’s software has powered the migration of professionals, spouses, children, students, parents, artists and more from nation to nation. Our software has tracked them and made sure they stayed compliant with the laws of the U.S., U.K., Canada, Australia, Germany, China, India and more than 80 other countries across this world.

We’ll continue to do so. We’ll continue to expand our software offerings. And we’ll continue to support legislation and policy amendments that help us all progress and innovate, now and in the future.

Welcome to our new blog and our new website and, hopefully, welcome to the future of immigration reform in the U.S. We’ll be here to build the technology to support it, whatever it becomes.

Umesh Vaidyamath has more than 22 years of proven senior technology and management experience in the software industry. As Chief Executive Officer of INSZoom, Umesh drives the overall direction of the company and oversees the company’s engineering, marketing and sales divisions. Follow Umesh Vaidyamath via Facebook, Twitter and Google+

I often read on blogs or websites about the kind of questions individuals with immigration cases under process ask for themselves or for their family members. One question that stands out is ‘What is the status of my case?‘ On hearing this I reminiscent back to the time I started my career as an immigration professional, when our mailboxes and telephone lines would be flooded with these questions. I used to think Why!!! Why can’t we have a simple way of getting this information other than having to call the USCIS and then sending the information to the employee?

Just over a decade ago the Online Case Status Check was introduced by the USCIS, in October 2002. A long time has passed since, and today there is a significant difference in the customer experience while dealing with the USCIS. Today they have multiple online options like Case Status Check, My Case Status, the portal released by USCIS in April 2004 with email and SMS capability and the recent e-Request feature, to inquire or learn about processing of cases.

With the Department of State introducing the Visa Status Check, they seem to be taking a leaf from the experience of the USCIS in improved customer experience, a move I strongly believed was long overdue.

I am excited to be a part of the team at INSZoom, that takes another step, to continue being the forerunner in providing technology solutions by integrating with the Visa Check Status. This cool and intuitive feature will enable checking the status of the DOS Case directly from the INSZoom system. This in addition to the existing USCIS case tracking features. To learn more about this cool new feature feel free to contact our customer service representatives.

By Umesh Vaidyamath

I came to the United States in 1990. I was a dreamer and was lucky to have an H-1B immigration status, unlike Obama’s DREAMers of today.

I was sponsored for my H1-B and then my Green Card by the Fortune 100 company I worked for. I still remember how the company’s HR department had no clue about the seriousness or complexity of the immigration process. For them, it was just another set of paperwork. They empowered me to take care of my own immigration needs. They gave me a budget. I chose my own attorney and, with him, managed my own immigration process. It took me 18 months to get my Green Card.

But oh the times have changed. Today, many HR departments get it. The U.S. government as well as advocacy groups like the American Immigration Lawyers Association (AILA) and the American Council of International Professionals (ACIP) have done a tremendous job of educating the industry of the need and the complexity of immigration.

Just as important is the support and advocacy from leaders from companies like Facebook, LinkedIn, Dropbox and Microsoft. If you haven’t yet heard of it, take a few moments to learn more about FWD.us. They are an organization started by key leaders including Mark Zuckerberg, Bill Gates and Reid Hoffman and they want to make immigration reform real.

FWD.us is conducting a “Hackathon” on November 21 and 22, in which DREAMer engineers and product designers and their mentors will code for 24 hours straight at LinkedIn’s headquarters.

I would like to personally congratulate all of the selected DREAMers and wish them the best of luck during the Hackathon and in their future careers and lives. Godspeed to all of you and kudos to Mark Zuckerberg and the entire FWD.us team for this great initiative.

DREAMers selected for DREAMers hackathon

Luis Aguilar, 25, Falls Church, VA
Gerardo Alvarado, 25, Milwaukee, WI
Isabel Bahena, 23, San Leandro, CA
Sarahi Espinoza, 23, East Palo Alto, CA
Roly Fentantes, 25, New York, NY
Erick Garcia, 27, Mesa, AZ
Jay Hu, 23, New York, NY
Henry Lopez, 19, Falls Church, VA
Rocio Lopez, 24, Mountain View, CA
Celso Mireles, 26, Phoenix, AZ
Justino Mora, 24, Los Angeles, CA
Erick Orellana, 20, Patchogue, NY
Edson Sierra, 20, Charlotte, NC
Kent Tam, 24, Los Angeles, CA
Dayana Torres, 19, Fairfax, VA
Edgar Torres, 26, Oceanside, CA
Jorge Torres, 27, Oceanside, CA
Carlos Vargas, 28, New York, NY

A new scheme called the Red Carpet Scheme has just been launched by Denmark for business professionals. Similar to the Orange Carpet Scheme by Netherlands, this scheme will affect multiple companies, including India. Under this scheme, executives, middle-level managers and experts who are part of Indian (or other eligible countries) companies that are registered with Denmark will be given multiple entry business visas valid through all Schengen countries.

This new visa scheme was launched to support business travel to Denmark to conduct ongoing business as well as exploratory business. The program is open to public and private companies as long as they meet certain requirements. Accreditation by the company must take place before an employee can request access through the program.

Key businesses have already established themselves as participants in the Red Carpet Scheme; this includes leading companies such as Tata and L&T.

Accreditation is being offered to multiple company types, including:
  • Established local subsidiaries of Danish companies
  • Established local companies with a subsidiary in Denmark
  • Companies that regularly send employees to Denmark
  • Local companies with exclusive partnerships with Danish companies
  • Local companies whose employees regularly need to travel to Denmark to engage in business
  • Local companies with an interest in investing funds in Denmark
Benefits of participation include:
  • Decisions allowing for entry will be made within three business days
  • Documentation requirements have been greatly reduced
  • Applicants do not need to apply in person and no appointments are required
  • Multiple-entry visas are being offered

The goal of the Red Carpet Scheme is to simplify the visa and entry process to Denmark for valid business professionals. The program was created based on requests by businesses with established business engagement in Denmark. Plans are afoot to introduce a similar scheme for students wishing to obtain higher education in Denmark.

To celebrate the festivities of Diwali, an Indian festival equivalent in fervor and spirit of Christmas, a group of us decided to go into town and have some fun. Conversation topics during the celebration ranged from family and friends to politics and what all expatriates in the U.S. love to discuss – immigration and the pitfalls of the current system.

During this discussion one of the people present (lets call him John) mentioned a call he got from someone who said he was a USCIS officer. This person knew John’s personal information as well as his immigration status.

The “officer” was initially polite and courteous and took additional information from John. But then, the “officer” turned the tables. He referred to a series of inaccuracies and fallacies in John’s immigration documents and records. He then indicated that these could be quickly corrected to ensure that John would not face any problems with the USCIS.

Obviously, John was eager to correct these “errors”. The so-called officer then dropped the bombshell indicating that there would be a hefty charge to have these records updated and corrected. This request set off warning bells. John questioned the officer.

The discussions quickly turned ugly. The “officer” used threats and strong language to attempt to get John to pay the fees.

John made a wise next choice. He asked the “officer” to send him a written notice. If the fee was legitimate, John said he had no problem with paying it.

John, however, was now convinced that this was a scam. After the “officer” hung up, John tried to call back the number, but it was a spoof number.

Since then I have heard numerous similar stories. Some people have even paid these scam artists.

Like all governments, the U.S. government has its fair share of positive and negative aspects. But this country excels in its commitment to be fair and impartial to any individual. People have the right in this country to be heard and clarify their positions before any action is taken. To do this, the U.S. government gives individuals written notices and gives them the opportunity to respond.

If you are ever a recipient of such a call, ask for the officer’s credentials, write down his or her contact number and insist that a written notice be sent to you on the allegations and the course of action available to you to remedy the issue. Never make payments over the phone unless you have initiated the process and there are specific provisions to make phone payments. Remember, the U.S. government never requires any particular payment method; they provide you with multiple payment options, including checks, which provide a complete trace of the transaction.

Last but not least, seek advise from a legal representative or corporate immigration team before acting upon any such request you receive.

Inszoom Academy