The Science of Compliance
Everyone knows that designing and building a data centre is monumentally complex and expensive. This is primarily because it brings together multiple industry sectors within a single operational unit: building standards, telecommunications cabling and networks, combustion plant, electrical engineering, building and energy management, not to mention computing infrastructure, hardware and software and - trickiest of all - digital data.
It is in the arena of regulatory compliance that things can really get difficult for data centres. Compliance is not optional: it is a legal obligation – no ifs, no buts. Unfortunately the regulatory landscape is of Byzantine complexity and many requirements are not obviously applicable to data centres, are ambiguously or tortuously worded or are buried in obscure schedules. It is surprisingly easy to fall foul of the law.
Indeed, over the last few years quite a few operators have been caught unawares, most commonly by breaching regulations related to diesel generators. Data centres with large installed generator capacity may be obliged under EU ETS (EU Emissions Trading Scheme) and IED (Industrial Emissions Directive). The first relates to carbon and the latter to air quality. The common misconception has been an assumption that they don’t apply because the generators hardly run: unfortunately the rules are set by capacity not by activity and the sector has found this out the hard way. Now that a new set of generator regulations are coming into force then operators need to be much more vigilant.
Getting it wrong leads at the very least to the risk or reputational damage and embarrassment. More worryingly, compliance failures like these are most likely to be picked up during due diligence for a large potential customer or an investor, or when the site is subject to an M&A. Nobody wants to see any of these processes derailed because the generators don’t have exactly the right kind of permit and therefore the site is operating illegally.
From our experience, the sites that are most vulnerable are large and new, especially those built or operated by newcomers to the UK market. But older sites are certainly not immune: those that have grown incrementally, including campus-style operations may have inadvertently breached regulatory thresholds.
If you are in doubt about the status of your site(s), get in touch and see how we can help. The team at VIPA can assist by providing an operational risk assessment of your environment and help to develop a compliance program that meets your regulatory requirements. For more details email firstname.lastname@example.org