ALL >> Computers >> View Article
Legal And Compliance Issues With Cloud Based Data Management
Total Articles: 16
Security in a cloud based computing environment is at the forefront of concerns for enterprises. Cyber security is a risk to any organization that relies heavily on data, and this is compounded by regulatory issues that organizations face. Legal compliance and privacy are two significant risks associated with cloud data breaches.
Companies that maintain Personally Identifiable Information (PII) are under strict regulation by most state governments, and this type of information is anything that can be associated directly to an individual’s identity such as social security numbers, driver’s license ID, or even financial information.
There are a few standards in place such as PCI-DSS, HIPAA and HITECH that apply to various industries and industry segments, but there is no real standardization across all industries as of yet.
Financial institutions, merchants are retailers all must comply with the Payment Card Industry Data Security Standard or PCI-DSS. While this standard can be complex, a simple description is that anyone who comes in direct contact with any data associated with a person who uses a credit or debit card to make a purchase is responsible for the safekeeping of that person’s data. PCI compliance is required of any online retailer, brick and mortar retailers, and all financial institutions and the standard is even applicable to organizations that may not actually come in direct contact with cardholder data.
The Health Insurance Portability and Accessibility Act, also known as HIPAA, is designed to protect the health information of individuals along with the Health Information Technology for Economic and Clinical Health, or HITECH standard. These standards are in place to ensure that health information such as medical conditions, treatments, medications and other similar health information is kept private by the people who are exposed to this information during the conduct of legitimate business.
Once you are aware of these standards, it is important to consider the ramifications of a data breach when implementing a cloud-data infrastructure. Cloud Compliance with these standards is possible and many organizations are able to remain compliant in a cloud environment.
Today the government currently has significant reach when it comes to your personal data. While private companies must be compliant with the aforementioned standards, a person’s private information is not currently protected under US law from inquiries by the Federal Government. Some lawmakers are attempting to change this and if you are engaging in a cloud-based data storage solution, it is something to consider carefully.
When it comes to Federal legislation, Sarbanes-Oxley (SOX) is also a concern when it comes to privacy standards and cloud computing. Financial institutions that are responsible entities under SOX must ensure that any cloud vendors are in full compliance with SOX as well under the statute. In order to ensure that this is accomplished, new auditing standards known as SSAE 16 have been established. When a financial institution publishes the required reports under SSAE 16, they must demonstrate that they have adequate internal controls and process when it comes to the handling of information. This is a broad ranging examination of all data related activities including networking, power redundancy and data protection policies.
Many organizations manage to operate in Cloud Compliance with the standards noted above every day. A close examination the steps they are taking can provide guidance so those practices can be emulated within your own organization.
Knowledge of current regulatory requirements and issues is of the utmost importance when considering any cloud-based data alternatives for your enterprise. The laws and risks associated with new technology can become problematic for those who delve into the process without the proper background and expertise in compliance with these standards. Be sure to understand the regulations that apply to your business, and which laws may be unique to your own state to ensure a successful utilization of a cloud-based system.
Tomas Cohen is a security enthusiast and analyst covering the most significant security topics and trends prevalent worldwide. He also involves in the technology related to Cloud Security, Data Loss Prevention, Cloud Compliance etc.,
Computers Articles1. Why Has The Sign Engraving Equipment Become An Essential For Personalisation
Author: Rob Hibbs
2. Computer Forensic Analyst Can Help To Dig Up The Truth Using Latest Technology Devices
3. How To Update Adobe Flash Player On A Mac Computer?
Author: Mac Support Team
4. Playstation 4 Repair Uk | Playstation Repairer
Author: Playstation 4 Repair UK
5. How To Recover Pst File Password In Outlook 2016 Free?
Author: Outlook Support Team
6. How To Securely Wipe Private Data With Active@ Killdisk
Author: James Vaughn
7. Find Reasonable Minute Of Every Day Norton Setup For Your Computer Needs
Author: Stephanie Smith
8. Register Your Business Name With Seo Friendly .co Domain Extension
Author: Ridhi Bhatia
9. Where To Find The Model Or Printer Number Of A Hp Printer?
Author: Maria Silvia
10. The Computer Repair Salem Ma Offer Best Solutions To Any Hardware Or Software Problem Of Your Comput
11. Things To Consider Before Buying A 3d Printer
Author: Jamie Smilovici
12. Everything To Know Before Using Surface Laptop Promo Code
Author: Christine Bleakley
13. Ps4 Repair London | Playstation Repairer
Author: Playstation Repair Centre
14. Pro Tip: How To Secure Windows 10 Boot Process
Author: Ellie Williams
15. How To Clear Cookies, Cache Memory And Browsing History In Aol?
Author: Maria Silvia