Laws And Regulations Governing The Cloud Computing Environment

Laws And Regulations Governing The Cloud Computing Environment

Cloud computing technologies developed around them a complex legal and regulatory environment.  There are federal, international and even state laws that impose responsibilities to both cloud computing tenants and providers. Regardless of which side your business is on, you have to consider the legal issues, especially those related to the data you collect, store and process.

Different sector specific laws for cloud computing tenants and providers

To ensure you are in legal compliance, you may want to know more about American laws. In the United States, privacy and security are spread over different industry specific laws and regulations:

Health Insurance Portability and Accountability Act (HIPAA)

  • Under HIPAA’s Privacy Rule, an entity may not use or disclose protected health information unless as permitted or required by the Rule, or as authorized in writing by the individual affected. HIPAA’s Security Rule complements the Privacy Rule and deals specifically with Electronic Protected Health Information (EPHI). It lays out three types of security safeguards required for compliance: administrative, physical, and technical. The Rule identifies various security standards for each of these types. Required specifications must be adopted and administered as dictated by the Rule.

The Gramm-Leach-Bliley Act (GLBA)

  • It has 2 key rules for “financial institutions” storing data in the cloud: the Financial Privacy Rule and the Safeguards Rule. The Financial Privacy Rule requires institutions to notify each customer at the time the relationship is established and annually thereafter about the personal information about them collected, where that information is kept, with whom is shared, how is used, and how it is protected. The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company plans to protect clients’ nonpublic personal information.

Payment Card Industry Data Security Standard

  • The Payment Card Industry Data Security Standard (PCI DSS) was jointly developed by Visa and MasterCard to simplify compliance for merchants and payment processors. It has 6 core areas and 12 requirements that cover best practices for perimeter security, data privacy, and layered security.

Family Educational Rights and Privacy Act (FERPA)

  • FERPA is a federal law that protects student information collected by educational institutions and associated vendors. These institutions must have the student’s consent prior to disclosure of personal data including grades, enrollment status, or billing information. Protection of student information according to FERPA regulations is a key consideration in using cloud-based applications that handle student records. IT administrators must be aware of the information that is passed to a cloud network or application.

US-based cloud tenants and providers must consult a plethora of industry-specific laws to determine their legal risks and obligations. But if you don’t adequately protect the information you store, there are some important consequences you should assume, like fines or lawsuits. Remember that fines and lawsuits can have devastating consequences for small or midsize businesses.

So, do you know what laws should govern your cloud computing technologies?

By Rick Blaisdell

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comic
The Lighter Side Of The Cloud – Data Merge

The Lighter Side Of The Cloud – Data Merge

By Christian Mirra Please feel free to share our comics via social media networks such as Twitter, Facebook, LinkedIn, Instagram, Pinterest. Clear attribution (Twitter example: via @cloudtweaks) to our original comic sources is greatly appreciated.

The Rise Of Threat Intelligence Sharing

The Rise Of Threat Intelligence Sharing

Threat Intelligence Sharing  Security has been discussed often on CloudTweaks and for good reason. It is one of the most sought after topics of information in the technology industry.  It is virtually impossible to wake up and not read a headline that involves the words “Breached, Hacked, Compromised or Extorted (Ransomware)“. Included (below) is an…

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Moving Your Email To The Cloud? Beware Of Unintentional Data Spoliation!

Cloud Email Migration In today’s litigious society, preserving your company’s data is a must if you (and your legal team) want to avoid hefty fines for data spoliation. But what about when you move to the cloud? Of course, you’ve probably thought of this already. You’ll have a migration strategy in place and you’ll carefully…

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Higher Education Institutions Increasing Cloud Use In Next 5 Years

Cloud Computing Advancing Edtech In a new research study by ResearchMoz it’s predicted that the global cloud computing market in higher education will grow steadily at a CAGR of 24.57% over the period 2016 to 2020. Making use of computing resources connected by either public or private networks provides the benefits of scalable infrastructure, greater…

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Big Data and AI Hold Greatest Promise For Healthcare Technologies

Digital Healthcare Executives and Investors Addressed Opportunities and Challenges Facing the Industry New York City – September 21, 2016 – According to a survey of 122 founders, executives and investors in health-tech companies released today by Silicon Valley Bank, big data and artificial intelligence will have the greatest impact on the industry in the year ahead. Healthcare…

Are CEO’s Missing Out On Big Data’s Big Picture?

Are CEO’s Missing Out On Big Data’s Big Picture?

Big Data’s Big Picture Big data allows marketing and production strategists to see where their efforts are succeeding and where they need some work. With big data analytics, every move you make for your company can be backed by data and analytics. While every business venture involves some level of risk, with big data, that risk…

Your Biggest Data Security Threat Could Be….

Your Biggest Data Security Threat Could Be….

Paying Attention To Data Security Your biggest data security threat could be sitting next to you… Data security is a big concern for businesses. The repercussions of a data security breach ranges from embarrassment, to costly lawsuits and clean-up jobs – particularly when confidential client information is involved. But although more and more businesses are…

The Cancer Moonshot: Collaboration Is Key

The Cancer Moonshot: Collaboration Is Key

Cancer Moonshot In his final State of the Union address in January 2016, President Obama announced a new American “moonshot” effort: finding a cure for cancer. The term “moonshot” comes from one of America’s greatest achievements, the moon landing. If the scientific community can achieve that kind of feat, then surely it can rally around…

Using Cloud Technology In The Education Industry

Using Cloud Technology In The Education Industry

Education Tech and the Cloud Arguably one of society’s most important functions, teaching can still seem antiquated at times. Many schools still function similarly to how they did five or 10 years ago, which is surprising considering the amount of technical innovation we’ve seen in the past decade. Education is an industry ripe for innovation…

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of machine learning and advancement of artificial intelligence can dramatically change the manufacturing process and put an end to the dreaded product recalls in the future. In recent news, Samsung Electronics Co. has initiated a global…

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter

Using Big Data To Make Cities Smarter The city of the future is impeccably documented. Sensors are used to measure air quality, traffic patterns, and crowd movement. Emerging neighborhoods are quickly recognized, public safety threats are found via social networks, and emergencies are dealt with quicklier. Crowdsourcing reduces commuting times, provides people with better transportation…

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth

5 Ways The Internet of Things Will Drive Cloud Growth The Internet of Things is the latest term to describe the interconnectivity of all our devices and home appliances. The goal of the internet of things is to create universal applications that are connected to all of the lights, TVs, door locks, air conditioning, and…

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing – A Requirement For Greater Innovation

Cloud Computing Innovation Sao Paulo, Brazil has had trouble with both energy and water supplies as of late. Despite it is the rainy period. Unfortunately Sao Paulo is very dependent on its rain as a majority of its power is generated from large dams. No water, no energy. Difficult situation for a city of some…

The Internet of Things Lifts Off To The Cloud

The Internet of Things Lifts Off To The Cloud

The Staggering Size And Potential Of The Internet of Things Here’s a quick statistic that will blow your mind and give you a glimpse into the future. When you break that down, it translates to 127 new devices online every second. In only a decade from now, every single vehicle on earth will be connected…

New Report Finds 1 Out Of 3 Sites Are Vulnerable To Malware

New Report Finds 1 Out Of 3 Sites Are Vulnerable To Malware

1 Out Of 3 Sites Are Vulnerable To Malware A new report published this morning by Menlo Security has alarmingly suggested that at least a third of the top 1,000,000 websites in the world are at risk of being infected by malware. While it’s worth prefacing the findings with the fact Menlo used Alexa to…

15 Cloud Data Performance Monitoring Companies

15 Cloud Data Performance Monitoring Companies

Cloud Data Performance Monitoring Companies (Updated: Originally Published Feb 9th, 2015) We have decided to put together a small list of some of our favorite cloud performance monitoring services. In this day and age it is extremely important to stay on top of critical issues as they arise. These services will accompany you in monitoring…