Wonder if anyone else is starting to notice this too.

At my company we have sensitive data which for compliance purposes requires that a person analyzing the data be a physically located in the US.

Recently, I've started to notice my company move some of their analytics and data science teams to India where those teams access and use the sensitive data even though it could cause regulatory issues / fines for my employer.

No one seems to give a shit about this - not even compliance which is really weird.

It's almost as if they did a cost benefit analysis and decided the cost savings of using teams in India outweighs the regulatory fines they would have to pay.

No doubt, granting foreign entities access to sensitive data is a great way for people's credit cards to be used in fraudulant transactions as well as people getting their identity stolen. Seeing this behavior from my employer makes me wonder how many of the recent data breeaches were caused because foreign entities had access to the data.

Kind of a rant but curious what other people are seeing.