ALL >> Computers >> View Article
Legal And Compliance Issues With Cloud Based Data Management
Security in a cloud based computing environment is at the forefront of concerns for enterprises. Cyber security is a risk to any organization that relies heavily on data, and this is compounded by regulatory issues that organizations face. Legal compliance and privacy are two significant risks associated with cloud data breaches.
Cloud Compliance
Companies that maintain Personally Identifiable Information (PII) are under strict regulation by most state governments, and this type of information is anything that can be associated directly to an individual’s identity such as social security numbers, driver’s license ID, or even financial information.
There are a few standards in place such as PCI-DSS, HIPAA and HITECH that apply to various industries and industry segments, but there is no real standardization across all industries as of yet.
Financial institutions, merchants are retailers all must comply with the Payment Card Industry Data Security Standard or PCI-DSS. While this standard can be complex, a simple description is that anyone who comes in direct contact with any data associated ...
... with a person who uses a credit or debit card to make a purchase is responsible for the safekeeping of that person’s data. PCI compliance is required of any online retailer, brick and mortar retailers, and all financial institutions and the standard is even applicable to organizations that may not actually come in direct contact with cardholder data.
The Health Insurance Portability and Accessibility Act, also known as HIPAA, is designed to protect the health information of individuals along with the Health Information Technology for Economic and Clinical Health, or HITECH standard. These standards are in place to ensure that health information such as medical conditions, treatments, medications and other similar health information is kept private by the people who are exposed to this information during the conduct of legitimate business.
Once you are aware of these standards, it is important to consider the ramifications of a data breach when implementing a cloud-data infrastructure. Cloud Compliance with these standards is possible and many organizations are able to remain compliant in a cloud environment.
Today the government currently has significant reach when it comes to your personal data. While private companies must be compliant with the aforementioned standards, a person’s private information is not currently protected under US law from inquiries by the Federal Government. Some lawmakers are attempting to change this and if you are engaging in a cloud-based data storage solution, it is something to consider carefully.
When it comes to Federal legislation, Sarbanes-Oxley (SOX) is also a concern when it comes to privacy standards and cloud computing. Financial institutions that are responsible entities under SOX must ensure that any cloud vendors are in full compliance with SOX as well under the statute. In order to ensure that this is accomplished, new auditing standards known as SSAE 16 have been established. When a financial institution publishes the required reports under SSAE 16, they must demonstrate that they have adequate internal controls and process when it comes to the handling of information. This is a broad ranging examination of all data related activities including networking, power redundancy and data protection policies.
Many organizations manage to operate in Cloud Compliance with the standards noted above every day. A close examination the steps they are taking can provide guidance so those practices can be emulated within your own organization.
Knowledge of current regulatory requirements and issues is of the utmost importance when considering any cloud-based data alternatives for your enterprise. The laws and risks associated with new technology can become problematic for those who delve into the process without the proper background and expertise in compliance with these standards. Be sure to understand the regulations that apply to your business, and which laws may be unique to your own state to ensure a successful utilization of a cloud-based system.
Author:
Tomas Cohen is a security enthusiast and analyst covering the most significant security topics and trends prevalent worldwide. He also involves in the technology related to Cloud Security, Data Loss Prevention, Cloud Compliance etc.,
Add Comment
Computers Articles
1. 10 Dropshipping Shopify Apps For Shopify Stores 2025Author: Elightwalk Technology
2. How To Write A Great Creative Ux Brief For A Design Consultancy
Author: goodcoders
3. How To Market Your Gojek Clone App Effectively
Author: simonharris
4. Scrape Restaurant Guru Review Data: Unlock Actionable Insights
Author: DataZivot
5. How To Make A Rental Search App To Solve Tenants’ Problems?
Author: goodcoders
6. Is The Is200ehpag1d Exciter Gate Pulse Amplifier Board The Ideal Choice For Your Power System Needs?
Author: Alex Zilk
7. Document Management System For Clinical Trials
Author: Giselle Bates
8. Vupico Sdp
Author: Lorenzoe Taala
9. An Extensive Guide On E-commerce Application Development
Author: goodcoders
10. Why Do Your Businesses Need Vehicle Rental Management Software In 2025?
Author: RentAAA
11. Exploring Bigpond A Reliable Choice For Your Internet Needs
Author: james smith
12. Elevate Your Online Presence With Leading Digital Marketing Solutions In Surat
Author: sassy infotech
13. How To Power Several Appliances Together Safely?
Author: Jennifer Truong
14. Web Scraping Zomato Restaurant Customer Reviews
Author: DataZivot
15. Why Every Coworking Space Needs Management Software To Thrive
Author: RentAAA