Laws And Regulations Governing The Cloud Computing Environment

Laws And Regulations Governing The Cloud Computing Environment

Cloud computing technologies developed around them a complex legal and regulatory environment.  There are federal, international and even state laws that impose responsibilities to both cloud computing tenants and providers. Regardless of which side your business is on, you have to consider the legal issues, especially those related to the data you collect, store and process.

Different sector specific laws for cloud computing tenants and providers

To ensure you are in legal compliance, you may want to know more about American laws. In the United States, privacy and security are spread over different industry specific laws and regulations:

Health Insurance Portability and Accountability Act (HIPAA)

  • Under HIPAA’s Privacy Rule, an entity may not use or disclose protected health information unless as permitted or required by the Rule, or as authorized in writing by the individual affected. HIPAA’s Security Rule complements the Privacy Rule and deals specifically with Electronic Protected Health Information (EPHI). It lays out three types of security safeguards required for compliance: administrative, physical, and technical. The Rule identifies various security standards for each of these types. Required specifications must be adopted and administered as dictated by the Rule.

The Gramm-Leach-Bliley Act (GLBA)

  • It has 2 key rules for “financial institutions” storing data in the cloud: the Financial Privacy Rule and the Safeguards Rule. The Financial Privacy Rule requires institutions to notify each customer at the time the relationship is established and annually thereafter about the personal information about them collected, where that information is kept, with whom is shared, how is used, and how it is protected. The Safeguards Rule requires financial institutions to develop a written information security plan that describes how the company plans to protect clients’ nonpublic personal information.

Payment Card Industry Data Security Standard

  • The Payment Card Industry Data Security Standard (PCI DSS) was jointly developed by Visa and MasterCard to simplify compliance for merchants and payment processors. It has 6 core areas and 12 requirements that cover best practices for perimeter security, data privacy, and layered security.

Family Educational Rights and Privacy Act (FERPA)

  • FERPA is a federal law that protects student information collected by educational institutions and associated vendors. These institutions must have the student’s consent prior to disclosure of personal data including grades, enrollment status, or billing information. Protection of student information according to FERPA regulations is a key consideration in using cloud-based applications that handle student records. IT administrators must be aware of the information that is passed to a cloud network or application.

US-based cloud tenants and providers must consult a plethora of industry-specific laws to determine their legal risks and obligations. But if you don’t adequately protect the information you store, there are some important consequences you should assume, like fines or lawsuits. Remember that fines and lawsuits can have devastating consequences for small or midsize businesses.

So, do you know what laws should govern your cloud computing technologies?

By Rick Blaisdell

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

4 Things To Know Before Virtualizing Your Desktops

4 Things To Know Before Virtualizing Your Desktops

Forrester Research: The Keys to a Successful Deployment Desktop virtualization projects are transformational. They can dramatically minimize IT costs while better empowering workers with more ubiquitous access to the applications and data they need to be productive. In fact, according to recent research by Forrester, worker productivity when working remotely across multiple devices, increased 51%…

5 Tips For Building A High Growth IT Platform

5 Tips For Building A High Growth IT Platform

5 Tips For Building a High Growth IT Platform Building and maintaining today’s enterprise computing platforms is a lot more challenging than it was in the past. The competitive and fast moving nature of business requires a corporate network capable of meeting a company’s ever changing needs and requirements. For IT, this poses difficult challenges…

Is Your Corporate Data Appearing On Personal Clouds?

Is Your Corporate Data Appearing On Personal Clouds?

Corporate Data Appearing On Personal Clouds Enterprise cloud adoption has led to cloud consumerization, but how safe is any personal cloud? Remember when you’d join a company and they’d issue a desktop computer and corporate-issued cell phone? And remember all the company’s data was stored in a server on-site at the company? It’s fair to…

Hoarders And Data Collectors:  On The Brink Of Unmanageability

Hoarders And Data Collectors: On The Brink Of Unmanageability

Hoarders and Data Collectors In our physical world, hoarders are deemed “out of control” when they collect too much.  Surely the same analogy applies in our online world.  When providers collect realms of data from us, it seems they lose control of that too?  In the last months it’s not just the frequency of data…

Global Cloud Development An Open Question

Global Cloud Development An Open Question

Global Cloud Development Statistics and projections from Cisco’s Global Cloud Index show that the world’s data centers are already processing 4.7 zettabytes (4.7 million petabytes) per year. Cisco research says this amount will continue to grow by 23% annually for the next few years. (Inforgraphic Source: https://visual.ly/how-much-petabyte) If we project these numbers over the next 25…

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Hybrid IT Matures Just In Time To Tackle Complex Challenges

Tackling Complex IT Challenges Sponsored by Hybrid IT: The Next Evolution in Enterprise IT, NetApp and Verizon. Today’s sophisticated business environment demands a dynamic and robust IT infrastructure which is a far cry from the closed, controlled environments that most IT departments were created to handle. A hybrid IT infrastructure, drawing services from multiple cloud-based…

Featured Sponsored Articles
The Benefits of Cloud-Based Phone Systems

The Benefits of Cloud-Based Phone Systems

Cloud-Based Phone Systems This article has been sponsored by RingCentral, provider of state-of-the-art cloud infrastructure. Although today’s businesses rely on a host of modern technology, the century-old telephone call is as essential as ever. Of course, businesses today aren’t relying on simple analog voice calls for effective interaction with partners, suppliers, colleagues, and customers, but…

Featured Sponsored Articles
Working With Cloud White Label Partners

Working With Cloud White Label Partners

Cloud White Label Services Sponsored by CloudMGR The benefits of consolidating your cloud to one of the giants such as AWS, Microsoft Azure, and Google Cloud are improving as competition increases, with pricing wars between the service providers meaning better savings for businesses utilizing these services, and an abundance of features at user fingertips as…

Featured Sponsored Articles

CloudTweaks is recognized as one of the leading influencers in cloud computing, infosec, big data and the internet of things (IoT) information. Our goal is to continue to build our growing information portal by providing the best in-depth articles, interviews, event listings, whitepapers, infographics and much more.

Sponsor