From PLI s Online Program Cloud Computing: Pointers for Addressing the New Legal Issues Arising from this Emerging Technology #21735

Size: px
Start display at page:

Download "From PLI s Online Program Cloud Computing: Pointers for Addressing the New Legal Issues Arising from this Emerging Technology #21735"

Transcription

1 From PLI s Online Program Cloud Computing: Pointers for Addressing the New Legal Issues Arising from this Emerging Technology # PREPACKAGED BANKRUPTCY AND PREARRANGED BANKRUPTCY PROCESS Deryck Palmer Jessica Fink Cadwalader, Wickersham & Taft LLP Disclaimers and Suggested References: The outline that follows provides a general overview of retiree medical benefit VEBAs, with specific focus on the VEBAs recently proposed by the Big Three U.S. automakers. The author is by no means an expert on medical benefit plans or VEBAs. Nor can the author claim special insight into any aspect of the Big Three VEBAs. The information in this outline is gleaned entirely from public sources. For two very practical references on retiree medical and VEBAs see: (1) the ABA-JCEB teleconference Shifting Retiree Health Benefits from Employers to VEBAs (December 6, 2007 available in archived teleconf format or CD), in which Nell Hennessey, Douglas Greenfield, Karen Handorf and Vicki Hood do a terrific job describing the background on union retiree medical and the Big Three VEBAs and (2) Jones Day Commentary Who Killed Yard-Man (Apr. 2007), a Jones Day client newsletter

2 Cloud Computing: Pointers for Addressing New Legal Issues Arising from this Emerging g Technology March 19, 2009 PLI Conference Jeffrey D. Neuburger Proskauer Rose LLP Steven J. Soucar IBM The views and opinions expressed by Steven J. Soucar are his own and not necessarily those of IBM The views and opinions expressed by Jeffrey D. Neuburger are his own and not necessarily those of Proskauer Rose LLP

3 What is cloud computing? Cloud computing is Internet ("cloud") based development and use of computer technology ("computing") ). It is a style of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. Users need not have knowledge of, expertise in, or control over the technology infrastructure "in the cloud" that supports them. Wikipedia An emerging computing model by which users can gain access to their applications from anywhere, through any connected device. A user-centric interface makes the cloud infrastructure supporting the applications transparent to users. The applications reside in massively scalable data centers where computational resources can be dynamically provisioned and shared to achieve significant economies of scale. - IBM

4 Is Cloud Computing New? Cloud Computing evolved from existing technologies Not the same as Grid Computing but similar goals Not the same as Utility Computing but clouds can provide utility computing Not just Provisioning but clouds use provisioning

5 Evolution to Cloud Computing Service Bureau Punch Cards Mailed to Processor Location Finished i Results Sent Back Outsourcing Remote Committed Location for Processing /Storage Data Transferred to/ from on Dedicated Lines Cloud Remote Location for Processing / Storage Not Committed Data Transferred by Public Internet t 1950s 1990s 2000s 2010

6 What Does Cloud Computing Mean to the Various Constituencies? IT Customers: Public clouds / Private clouds - Flexible pricing / business models - On demand provisioning - Unlimited scaling - SW developer platform -Flexible Common Attributes of Clouds Elastic scaling Rapid provisioning Advanced virtualization Flexible pricing IT Analysts: - Variable pricing - No long term commitments - Hosted, on demand provisioning - Massive, elastic scaling - Standard Internet technology - Abstracted infrastructure - Service-oriented Press: Financial Analysts: - Pay by consumption - Lower costs - Utility pricing - Hosted, a-a-s provisioning ii i - On demand provisioning - Parallel, on demand processing - Grid and SaaS combination - Scalable - Massive scaling - Virtualized, efficient infrastructure - Efficient infrastructure -Flexible - Simple and easy - No capital outlay for user - Better utilization of capital expenditures for provider

7 Privacy and Data Security Private clouds Assuming data remains within the organization, is it different from any other internal technology implementation involving sensitive information? Pi Privacy and ddata security laws and agreements impose obligations to maintain the privacy of personally identifiable information and protect personally identifiable information from theft or unauthorized access. Regulatory Issues HIPPA, GLB, FACTA; Contractual Obligations; Breach Notification; Disaster Recovery; SOX. Technical Issues and Solutions.

8 Privacy and Data Security Public clouds Regulatory Issues HIPPA, GLB, FACTA; Contractual Obligations; Breach Notification; Disaster Recovery; SOX. Customers may be subject to contractual obligations to maintain data security and may be required to impose those obligations on service providers. Customers may seek contract provisions to conform with requirements, e.g., notification of a breach in the security of data, encryption of data, secure deletion of data when no longer required. The nature of a public cloud complicates the technical issues The nature of a public cloud complicates the technical issues and solutions.

9 Privacy and Data Security Federal Trade Commission Has brought enforcement actions under the FTC Act against companies for failure to maintain the security of consumer data. Failure to comply with published security promises is deceptive. Failure to use reasonable means to secure data is an unfair trade practice. FTC Workshop Securing Personal Data in the Global Economy March 16-17, 2009 "We need to be smarter about dealing with technology, and cloud computing is posing (a) risk for us." --- Hugh Stephenson, FTC deputy director for international consumer protection. Electronic Privacy Information Center (EPIC) called upon the FTC to investigate t privacy and data security safeguards of public cloud computing services offered to consumers (e.g., Google Docs, etc.)

10 Privacy and Data Security State Breach Notification Laws Generally: Obligate owners or licensors of computerized data containing personal information to give notice to customers in the event of a breach in the security of data. Business that maintain computerized data that includes personal information that they do not own must give notice to owner or licensor of the data of a breach in the security of data. Approximately 47 states have enacted such laws. Generally, these laws cover personal and financial data. Only two states (California and Arkansas) cover health and insurance information. Encryption as Safe Harbor.

11 Privacy and Data Security Federal Breach Notification Law No general federal data breach notification law has yet been enacted, despite bill introductions and hearings. However, the HITECH Act, (signed into law on Feb. 17 as part of H.R. 1, the stimulus legislation ), contains data security breach notification provisions applicable to health information. Amends the Health Insurance Portability and Accountability Act (HIPAA) to require covered entities (i.e., health care providers) to give notice of a breach in the security of unsecured health information. Also directly obligates business associates of covered entities to give notice of a breach to the covered entity. Further amends HIPAA to impose general data security obligations directly on business associates of covered entities.

12 Privacy and Data Security International Issues EU Data Protection Law Utilizing cloud computing providers that store data outside the EU could be problematic. Prohibits transfer of personal data from EU countries to countries whose data protection laws are not judged to be adequate under EU law. U.S. law is deemed not adequate by EU data protection authorities. Transfer of EU data to the U.S. is permitted, however, if: The U.S. entity to which the data is being transferred has entered the U.S. EU Safe Harbor program; or Use of standard contractual clauses approved by the EU; or The U.S. entity has adopted binding corporate rules to ensure compliance with EU data protection standards. But, even these means are used, a U.S. entity may not transfer EU data to a service provider that may further transfer the data to another provider or store it in a jurisdiction not covered by EU law.

13 International Data Transfer From the customer perspective. Customers may seek provisions designating where data can be stored, or may seek services that store data in specified locations. Several eral providers have established data centers within the EU to address this issue.

14 Legal Issues - Data Access From the customer perspective. Customers may wish to control where data is stored to avoid exposure of data to undisclosed scrutiny or legal process emanating from foreign governments. Concerns raised in Canada over the privacy of Canadian PII contained in data stored on servers located in the U.S. caused the Canadian government to issue a report in 2004 addressing the issue. Google has had ongoing conflicts with law enforcement authorities in Brazil over request for turnover of user data for Google-owned social networking site Orkut, where the data was hosted on servers in the U.S. E-Discovery Issues.

15 Legal Issues - Data Access From the customer perspective. Customers may wish to be notified when law enforcement authorities seek access to their data. Customers may wish to protect against service provider use of fdata for non-customer related purposes. Customers may seek to ensure that they can comply with E-Discovery requirements at no extra cost.

16 Legal Issues - Copyright Does Section 512(c) of the DMCA apply? DMCA 512(c) affords a provider a safe harbor from liability for copyright infringement for content that is stored at the direction of a user (provided statutory prerequisites are met.) If the provider s service entails certain processing in connection with storing the information and making it available to third parties, is the safe harbor still available? UMG Recordings, Inc. v. Veoh Networks (C.D. Cal. Dec. 29, 2008). Online video upload services processed user-provided video files by chunking into smaller segments, converting to another format, and made the processed files available to third parties. Court ruled the service could still claim the safe harbor because the processes were narrowly directed toward providing access to material stored at the direction of users and affected only the form and not the content of the videos. Providing access to third parties by streaming and downloading also falls within the safe harbor.

17 Legal Issues - Copyright What is the scope of possible liability? Cartoon Network LP v. CSC Holdings, Inc. (2d Cir. 2008) (petition for certiorari on hold pending comment from U.S. Justice Department) Is a cable TV provider that provides a networked digital video recorder (DVR) to subscribers that enables them to make copies of copyrighted content and store them on a networked drive directly liable for copyright infringement? When it is the subscriber that pushes the copy button on the DVR and a copy is made and stored on the networked drive, who is making the copy, the subscriber or the cable TV provider? Are ephemeral copies of copyrighted content that are automatically generated by virtue of the technical operation of the networked DVR copies that can subject the operator of the system to copyright liability?

18 Legal Issues - Copyright Cartoon Network LP v. CSC Holdings, Inc. (cont.) In a declaratory judgment action brought by the cable TV provider who planned to deploy such a system, the 2d Circuit ruled that the provider would not be a direct infringer if it provided the networked DVR system to its customers. The necessary volitional act for imposing copyright liability was undertaken by the customer who actually pressed the copy button, not the provider that deployed and operated the system The provider was not liable for ephemeral (i.e., buffer copies generated by the operation of the system. The ephemeral copies were not copies within the meaning of the Copyright Act because they were not sufficiently permanent to be fixed in a tangible medium of expression for a period of more than transitory duration.

19 Legal Issues - Copyright Cartoon Network LP v. CSC Holdings, Inc. (cont.) Caution The issue of cable TV provider as secondary infringer not addressed. > Impact of Betamax ruling (Sony Corp. v. Universal City Studios 464 U.S. 417 (1984). Analysis of Mai v. Peak Computer (9 th Cir. 1993). > Interim copies are not infringing copies. > Technical issue.

20 Patent Issues Depending on how the applicable patent claims are written, the infringer may be the party that supplies the cloud as opposed to the user. Consider applicable indemnification. Method claims can only be infringed if a single party performs or causes the performance of all claimed steps. If the cloud provider performs a step without the user s s direction or control, there may be no infringement where by there might have been if the user owned and controlled the computer. A number of companies have patents that may pose issues for cloud computing implementation. Consider clearance issues and portfolio acquisition.

21 Contract considerations Standards / openness Family Pictures User: Lock in to proprietary interfaces, infrastructure ok Provider: Non-negotiable terms, low price, may or may not comply with standards, have proprietary interfaces, infrastructure HR Records User: Lock in to proprietary interfaces, infrastructure t not ok Provider: Negotiable terms, higher price, more likely to comply with standards, may or may not have proprietary interfaces, infrastructure Service level agreements Family Pictures User: SLAs probably not important. Provider: SLAs limited, non-negotiable, negotiable, HR Records User: SLAs important Provider: Negotiate SLAs. SLAs a factor in the price

22 Contract Considerations Export Regulations US - International Traffic in Arms Regulation (ITAR) US Export Administration Regulations NonUS regulations Who is responsible for compliance? User? Provider?

23 Conclusions Cloud Computing is an evolutionary step. At an industry level, public clouds are getting most of the press but will evolve slowly. Private clouds are getting less press but will likely evolve more quickly given the ability to impose necessary controls to address security, privacy and compliance needs. Important to address need for common standards. Industry still nascent.

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred

More information

Implementing Privacy Compliant Hybrid Cloud Solutions

Implementing Privacy Compliant Hybrid Cloud Solutions Implementing Privacy Compliant Hybrid Cloud Solutions SESSION ID: DSP-T07A Peter J Reid Privacy Officer, Enterprise Business Hewlett-Packard Company Historical IT Outsourcing Perspective Cloud Web 2.0

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Data Privacy in Cloud environment. Kjell Ohlsson 7 th March 2013

Data Privacy in Cloud environment. Kjell Ohlsson 7 th March 2013 Data Protection ti & Privacy Data Privacy in Cloud environment Kjell Ohlsson 7 th March 2013 Who? Presenter: Kjell Ohlsson - AstraZeneca Audience: Swedish Association of Research Quality Assurance SARQA

More information

Legal Issues Associated with Cloud Computing. Laurin H. Mills May 13, 2009

Legal Issues Associated with Cloud Computing. Laurin H. Mills May 13, 2009 Legal Issues Associated with Cloud Computing Laurin H. Mills May 13, 2009 What Is Cloud Computing? The cloud is a metaphor for the Internet Leverages the connectivity of the Internet to optimize the utility

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

The HR Skinny: Effectively managing international employee data flows

The HR Skinny: Effectively managing international employee data flows The HR Skinny: Effectively managing international employee data flows Topics we will cover today Laws affecting HR data flows HR international data protection challenges and strategic solutions Case study

More information

Insights into Cloud Computing

Insights into Cloud Computing This article was originally published in the November 2010 issue of the Intellectual Property & Technology Law Journal. ARTICLE Insights into Cloud Computing The basic point of cloud computing is to avoid

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential

More information

Legal Issues in the Cloud: A Case Study. Jason Epstein

Legal Issues in the Cloud: A Case Study. Jason Epstein Legal Issues in the Cloud: A Case Study Jason Epstein Outline Overview of Cloud Computing Service Models (SaaS, PaaS, IaaS) Deployment Models (Private, Community, Public, Hybrid) Adoption Different types

More information

Drawing Lines in the Cloud: Jurisdictional Access to Data. Nancy Libin Mary Ellen Callahan

Drawing Lines in the Cloud: Jurisdictional Access to Data. Nancy Libin Mary Ellen Callahan Drawing Lines in the Cloud: Jurisdictional Access to Data Nancy Libin Mary Ellen Callahan OVERVIEW Introduction to Cloud Computing Definition Benefits and Risks How does the physical location of data or

More information

Welcome & Introductions

Welcome & Introductions Addressing Data Privacy and Security Compliance in Cloud Computing Benjamin Hayes, Director of Legal Services, Data Privacy Compliance North America Accenture Copyright 2011 Accenture All Rights Reserved.

More information

Legal Cloud Computing: Concepts and Ramifications

Legal Cloud Computing: Concepts and Ramifications Legal Cloud Computing: Concepts and Ramifications April 27, 2010 Sébastien Lapointe, Holmested & Associés s.e.n.c. Legal Aspects of Cloud Computing Normal businesses using cloud computing ( CC ) face a

More information

INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE. Guiding Principles on Cloud Computing in Law Enforcement

INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE. Guiding Principles on Cloud Computing in Law Enforcement INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE Guiding Principles on Cloud Computing in Law Enforcement Cloud computing technologies offer substantial potential benefits to law enforcement and government

More information

Isaac Willett April 5, 2011

Isaac Willett April 5, 2011 Current Options for EHR Implementation: Cloud or No Cloud? Regina Sharrow Isaac Willett April 5, 2011 Introduction Health Information Technology for Economic and Clinical Health Act ( HITECH (HITECH Act

More information

Privacy and Cloud Computing for Australian Government Agencies

Privacy and Cloud Computing for Australian Government Agencies Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy

More information

Data Privacy & Security in the Cloud: Legal Basics and New Developments

Data Privacy & Security in the Cloud: Legal Basics and New Developments Data Privacy & Security in the Cloud: Legal Basics and New Developments Lawrence R. Freedman Partner, Edwards Wildman Palmer LLP lfreedman@edwardswildman.com (202) 939-7923 1 The Basics Two basic data

More information

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery

Introduction to Data Privacy & ediscovery Intersection of Data Privacy & ediscovery Today s Topics Introduction to Data Privacy & ediscovery General Overview Data Privacy in the United States Data Privacy in Foreign Countries Intersection of Data Privacy & ediscovery Preservation of Data

More information

Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity. Amy Mushahwar, Esq.

Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity. Amy Mushahwar, Esq. Cloud Service Agreements: Avoiding the Pitfalls of the Cloud as a Commodity Amy Mushahwar, Esq. What s New? Not That Much. Some have their heads in the cloud we prefer to stay down in the weeds and know

More information

'Safe Harbor' For Online Service Providers

'Safe Harbor' For Online Service Providers Portfolio Media, Inc. 648 Broadway, Suite 200 New York, NY 10012 www.law360.com Phone: +1 212 537 6331 Fax: +1 212 537 6371 customerservice@portfoliomedia.com 'Safe Harbor' For Online Service Providers

More information

INFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013

INFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013 INFORMATION SECURITY GUIDE Cloud Computing Outsourcing Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Background...2 2. Legislative and Policy Requirements...3 3.

More information

Cloud Computing: Privacy and Other Risks

Cloud Computing: Privacy and Other Risks December 2013 Cloud Computing: Privacy and Other Risks by George Waggott, Michael Reid and Mitch Koczerginski, McMillan LLP Introduction While the benefits of outsourcing organizational data storage to

More information

Briefly summarised, SURFmarket has submitted the following questions to the Dutch DPA:

Briefly summarised, SURFmarket has submitted the following questions to the Dutch DPA: UNOFFICIAL TRANSLATION Written opinion on the application of the Wet bescherming persoonsgegevens [Dutch Data Protection Act] in the case of a contract for cloud computing services from an American provider

More information

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN

By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package By Ross C. D Emanuele, John T. Soshnik, and Kari Bomash, Dorsey & Whitney LLP Minneapolis, MN The HITECH Act is the

More information

Top Five Privacy and Data Security Issues for Nonprofit Organizations

Top Five Privacy and Data Security Issues for Nonprofit Organizations Top Five Privacy and Data Security Issues for Nonprofit Organizations Julia K. Tama, Esq. Jeffrey S. Tenenbaum, Esq. Association of Corporate Counsel Nonprofit Organizations Committee Legal Quick Hit MAY

More information

Healthcare Payment Processing: Managing Data Security and Privacy Risks

Healthcare Payment Processing: Managing Data Security and Privacy Risks Moderator: Linda A. Malek Chair, Healthcare Moses & Singer LLP Healthcare Payment Processing: Managing Data Security and Privacy Risks Thursday, September 13, 2012 Panelists: Beth L. Rubin Senior Counsel

More information

GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE

GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE GENOA, a QoL HEALTHCARE COMPANY GENOA ONLINE SYSTEM TERMS OF USE By using the Genoa Online system (the System ), you acknowledge and accept the following terms of use: This document details the terms of

More information

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL 1. Definition of Cloud Computing In the public consultation, CNIL defined

More information

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com

Cyber, PrivaCy. & Data SeCurity. www.mpplaw.com Cyber, PrivaCy & Data SeCurity 360 www.mpplaw.com about our PraCtiCe Data is the lifeblood of our global economy. Collected, stored and transmitted, digital data not only imparts great opportunities, but

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT THIS HIPAA BUSINESS ASSOCIATE AGREEMENT ( BAA ) is entered into effective the day of, 20 ( Effective Date ), by and between the Regents of the University of Michigan,

More information

HIPAA BUSINESS ASSOCIATE AGREEMENT

HIPAA BUSINESS ASSOCIATE AGREEMENT HIPAA BUSINESS ASSOCIATE AGREEMENT This Business Associate Agreement ( BAA ) is effective ( Effective Date ) by and between ( Covered Entity ) and Egnyte, Inc. ( Egnyte or Business Associate ). RECITALS

More information

Privacy Law Basics and Best Practices

Privacy Law Basics and Best Practices Privacy Law Basics and Best Practices Information Privacy in a Digital World Stephanie Skaff sskaff@fbm.com What Is Information Privacy? Your name? Your phone number or home address? Your email address?

More information

Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015

Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Ethics, Privilege, and Practical Issues in Cloud Computing, Privacy, and Data Protection: HIPAA February 13, 2015 Katherine M. Layman Cozen O Connor 1900 Market Street Philadelphia, PA 19103 (215) 665-2746

More information

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

Select Internet. Standard Terms and Conditions relating to the supply of online backup services by Select Internet

Select Internet. Standard Terms and Conditions relating to the supply of online backup services by Select Internet Select Internet Standard Terms and Conditions relating to the supply of online backup services by Select Internet Select Internet, PO Box 317 Kidlington, Oxford. OX5 3WZ www.selectinternet.co.uk Page 1

More information

Delaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP

Delaware Cyber Security Workshop September 29, 2015. William R. Denny, Esquire Potter Anderson & Corroon LLP Changing Legal Landscape in Cybersecurity: Implications for Business Delaware Cyber Security Workshop September 29, 2015 William R. Denny, Esquire Potter Anderson & Corroon LLP Agenda Growing Cyber Threats

More information

Acquia Comments on EU Recommendations for Data Processing in the Cloud

Acquia Comments on EU Recommendations for Data Processing in the Cloud Acquia Comments on EU Recommendations for Data Processing in the Cloud Executive Summary On July 1, 2012, European Union (EU) data protection regulators provided guidelines for service providers processing

More information

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act International Life Sciences Arbitration Health Industry Alert If you have questions or would like additional information on the material covered in this Alert, please contact the author: Brad M. Rostolsky

More information

Cloud Computing. Introduction

Cloud Computing. Introduction Cloud Computing Introduction This information leaflet aims to advise organisations which are considering engaging cloud computing on the factors they should consider. It explains the relationship between

More information

Introduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide

Introduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide Introduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide by Christopher Wolf Directors, Privacy and Information Management Practice Hogan Lovells US LLP christopher.wolf@hoganlovells.com

More information

Legal issues in the Cloud

Legal issues in the Cloud Legal issues in the Cloud Renzo Marchini, Dechert LLP, London, UK Gene K. Landy, Ruberto, Israel & Weiner, PC Boston, MA, USA Portions 2010 Dechert LLP. Portions 2010 Ruberto, Israel & Weiner, PC. Attorneys

More information

Cloud Computing and HIPAA Privacy and Security

Cloud Computing and HIPAA Privacy and Security Cloud Computing and HIPAA Privacy and Security This is just one example of the many online resources Practical Law Company offers. Christine A. Williams, Perkins Coie LLP, with PLC Employee Benefits &

More information

THOMSON REUTERS (TAX & ACCOUNTING) INC. FOREIGN NATIONAL INFORMATION SYSTEM TERMS OF USE

THOMSON REUTERS (TAX & ACCOUNTING) INC. FOREIGN NATIONAL INFORMATION SYSTEM TERMS OF USE THOMSON REUTERS (TAX & ACCOUNTING) INC. FOREIGN NATIONAL INFORMATION SYSTEM TERMS OF USE 1. License and Permitted Use The Foreign National Information System (FNIS) is licensed, not sold. Subject to the

More information

INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE. Guiding Principles on Cloud Computing in Law Enforcement

INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE. Guiding Principles on Cloud Computing in Law Enforcement INTERNATIONAL ASSOCIATION OF CHIEFS OF POLICE Guiding Principles on Cloud Computing in Law Enforcement Cloud computing technologies offer substantial potential benefits to law enforcement and government

More information

Privacy Legislation and Industry Security Standards

Privacy Legislation and Industry Security Standards Privacy Legislation and Issue No. 3 01010101 01010101 01010101 Information is generated about and collected from individuals at an unprecedented rate in the ordinary course of business. In most cases,

More information

The Cloud and Cross-Border Risks - Singapore

The Cloud and Cross-Border Risks - Singapore The Cloud and Cross-Border Risks - Singapore February 2011 What is the objective of the paper? Macquarie Telecom has commissioned this paper by international law firm Freshfields Bruckhaus Deringer in

More information

Covered California. Terms and Conditions of Use

Covered California. Terms and Conditions of Use Terms and Conditions of Use Contents: Purpose Of This Agreement Privacy Policy Modification Of This Agreement Permission To Act On Your Behalf How We Identify You Registration Additional Terms For Products

More information

ENROLLMENT AGREEMENT FOR QUALIANCE

ENROLLMENT AGREEMENT FOR QUALIANCE ENROLLMENT AGREEMENT FOR QUALIANCE PLEASE READ THE TERMS OF THIS ENROLLMENT AGREEMENT (THIS AGREEMENT ) CAREFULLY BEFORE SUBMITTING YOUR SUBSCRIPTION ORDER THIS AGREEMENT GOVERNS ACCESS TO AND USE BY THE

More information

Wrapping Audit Arms around the Cloud Georgia 2013 Conference for College and University Auditors

Wrapping Audit Arms around the Cloud Georgia 2013 Conference for College and University Auditors 1 Wrapping Audit Arms around the Cloud Georgia 2013 Conference for College and University Auditors Scott Woodison Executive Director, Compliance and Enterprise Risk Office of Internal Audit and Compliance

More information

Data Breach and Senior Living Communities May 29, 2015

Data Breach and Senior Living Communities May 29, 2015 Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs

More information

HIPAA/HITECH Compliance Using VMware vcloud Air

HIPAA/HITECH Compliance Using VMware vcloud Air Last Updated: September 23, 2014 White paper Introduction This paper is intended for security, privacy, and compliance officers whose organizations must comply with the Privacy and Security Rules of the

More information

LEGAL ISSUES IN CLOUD COMPUTING

LEGAL ISSUES IN CLOUD COMPUTING LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Cloud Computing. Cloud Computing An insight in the Governance & Security aspects

Cloud Computing. Cloud Computing An insight in the Governance & Security aspects Cloud Computing An insight in the Governance & Security aspects AGENDA Introduction Security Governance Risks Compliance Recommendations References 1 Cloud Computing Peter Hinssen, The New Normal, 2010

More information

Trust in the Cloud Legal and Regulatory Framework

Trust in the Cloud Legal and Regulatory Framework Trust in the Cloud Legal and Regulatory Framework Cloud Security Alliance San Francisco, CA February 26, 2014 Francoise Gilbert, JD, CIPP Managing Director IT Law Group 2014 IT Law Group All Rights Reserved

More information

ZIMPERIUM, INC. END USER LICENSE TERMS

ZIMPERIUM, INC. END USER LICENSE TERMS ZIMPERIUM, INC. END USER LICENSE TERMS THIS DOCUMENT IS A LEGAL CONTRACT. PLEASE READ IT CAREFULLY. These End User License Terms ( Terms ) govern your access to and use of the zanti and zips client- side

More information

The Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations

The Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations The Use of Cloud Computing for the Storing and Accessing of Client Information: Some Practical and Ethical Considerations Jeffrey D. Scott Jeffrey D. Scott, Legal Professional Corporation Practice Advisors

More information

UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S):

UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S): UNIVERSITY PHYSICIANS OF BROOKLYN HIPAA BUSINESS ASSOCIATE AGREEMENT CONTRACT NO(S): THIS AGREEMENT is made by and between UNIVERSITY PHYSICIANS OF BROOKLYN, INC., located at 450 Clarkson Ave., Brooklyn,

More information

Policy Implications: Privacy, Security and Liability Big Data in Telecom. June 7 2012 TIA 2012: INSIDE THE NETWORK Dallas TX

Policy Implications: Privacy, Security and Liability Big Data in Telecom. June 7 2012 TIA 2012: INSIDE THE NETWORK Dallas TX Policy Implications: Privacy, Security and Liability Big Data in Telecom June 7 2012 TIA 2012: INSIDE THE NETWORK Dallas TX Who We Are Leading trade association in support of information and communications

More information

White Paper on CLOUD COMPUTING

White Paper on CLOUD COMPUTING White Paper on CLOUD COMPUTING INDEX 1. Introduction 2. Features of Cloud Computing 3. Benefits of Cloud computing 4. Service models of Cloud Computing 5. Deployment models of Cloud Computing 6. Examples

More information

Cloud Computing. Patrick Van Eecke. Partner, DLA Piper Brussels Professor Universiteit Antwerpen

Cloud Computing. Patrick Van Eecke. Partner, DLA Piper Brussels Professor Universiteit Antwerpen Cloud Computing Legal issues Patrick Van Eecke Partner, DLA Piper Brussels Professor Universiteit Antwerpen Cloud computing & the law Infrastructure as a Service Data storage e.g. Amazon S3 Platform as

More information

Privacy Policy documents for

Privacy Policy documents for Privacy Policy documents for Praendex Incorporated doing business as PI Worldwide Product User Privacy Policy - For Customers, as well as those invited to our websites to complete a PI Survey or SSAT General

More information

Licensing in a Globalized Information Environment: Pitfalls in Licensing Terms and Conditions

Licensing in a Globalized Information Environment: Pitfalls in Licensing Terms and Conditions Licensing in a Globalized Information Environment: Pitfalls in Licensing Terms and Conditions presented for IFLA, Copyright and Other Legal Matters Committee Satellite Conference on August 13, 2014, Strasbourg,

More information

MEDIATECH APPLICATION

MEDIATECH APPLICATION MEDIATECH APPLICATION FOR PURPOSES OF THE INSURANCE COMPANIES ACT (CANADA), THIS DOCUMENT WAS ISSUED IN THE COURSE OF LLOYD S UNDERWRITERS AND LIBERTY MUTUAL INSURANCE COMPANY S INSURANCE BUSINESSES IN

More information

Training Contract Standard Terms and Conditions

Training Contract Standard Terms and Conditions Training Contract Standard Terms and Conditions 1. Consultant Training 2. Fee The Principal engages the Consultant as an independent consultant to provide the Training to the Principal on the terms and

More information

APPENDIX A that is not acceptable. Arbitration settled by arbitration arbitration shall be held in New Jersey substantive law of New Jersey

APPENDIX A that is not acceptable. Arbitration settled by arbitration arbitration shall be held in New Jersey substantive law of New Jersey APPENDIX A The attorneys in the Office of University Counsel at the University of Colorado Denver Anschutz Medical Campus review many different types of contracts on behalf of the University. Legal review

More information

Export Controls and Cloud Computing: Legal Risks

Export Controls and Cloud Computing: Legal Risks Presenting a live 90-minute webinar with interactive Q&A Export Controls and Cloud Computing: Legal Risks Complying with ITAR, EAR and Sanctions Laws When Using Cloud Storage and Services TUESDAY, APRIL

More information

Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues

Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Todd Bertoson Daniel Gibb Erin Sheppard Principal Senior Managing Associate Counsel todd.bertoson@dentons.com

More information

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1

CLOUD COMPUTING. 11 December 2013 TOWNSHIP OF KING TATTA 1 CLOUD COMPUTING (outsourcing records storage) TATTA SRINIVASA RECORDS MANAGER 11 December 2013 TOWNSHIP OF KING TATTA 1 Cloud computing A style of computing where scalable and elasticity ITenabled capabilities

More information

My Docs Online HIPAA Compliance

My Docs Online HIPAA Compliance My Docs Online HIPAA Compliance Updated 10/02/2013 Using My Docs Online in a HIPAA compliant fashion depends on following proper usage guidelines, which can vary based on a particular use, but have several

More information

Data Privacy in the Cloud: A Dozen Myths & Facts

Data Privacy in the Cloud: A Dozen Myths & Facts Data Privacy in the Cloud: A Dozen Myths & Facts March 7-9 Washington DC Presented by: Barbara Cosgrove, Chief Security Officer, Workday, Inc. Lothar Determann, Partner, Baker & McKenzie LLP We re taking

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation MELISSA J. KRASNOW, DORSEY & WHITNEY LLP

More information

Leveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance

Leveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance ADVANCED INTERNET TECHNOLOGIES, INC. https://www.ait.com Leveraging Dedicated Servers and Dedicated Private Cloud for HIPAA Security and Compliance Table of Contents Introduction... 2 Encryption and Protection

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister Presenter Miriam Wugmeister Morrison & Foerster LLP New York

More information

The Cloud Computing Revolution: Beyond the Hype

The Cloud Computing Revolution: Beyond the Hype The Cloud Computing Revolution: Beyond the Hype KEN ADLER Partner and Chair, Technology and Outsourcing Practice Group Loeb & Loeb LLP Outsourcing in Financial Services Program October 19, 2010 Overview

More information

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline)

CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline) CORPORATE RECORD RETENTION IN AN ELECTRONIC AGE (Outline) David J. Chavolla, Esq. and Gary L. Kemp, Esq. Casner & Edwards, LLP 303 Congress Street Boston, MA 02210 A. Document and Record Retention Preservation

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved.

THE PERSPECSYS KNOWLEDGE SERIES. Solving Privacy, Residency and Security in the Cloud. PerpecSys Inc. 2012. All rights reserved. THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from

More information

TERMS OF USE & GENERAL PRIVACY POLICY

TERMS OF USE & GENERAL PRIVACY POLICY TERMS OF USE & GENERAL PRIVACY POLICY BETWEEN: MEDICAL ANSWERING SERVICES, LLC AND COMPANY NAME Medical Answering Services, LLC values your trust and our relationships with our clientele - so we take great

More information

Privacy Implications of Cloud Computing in Israel

Privacy Implications of Cloud Computing in Israel January 2012 Privacy Implications of Cloud Computing in Israel Adv. Naomi Assia Co-chairman of the Data Protection Committee -ITECHLAW www.computer-law.co.il Cloud Computing One widely accepted definition

More information

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS

Shipman & Goodwin LLP. HIPAA Alert STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS Shipman & Goodwin LLP HIPAA Alert March 2009 STIMULUS PACKAGE SIGNIFICANTLY EXPANDS HIPAA REQUIREMENTS The economic stimulus package, officially named the American Recovery and Reinvestment Act of 2009

More information

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd

Lessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual

More information

Cloud Computing Contracts. October 11, 2012

Cloud Computing Contracts. October 11, 2012 Cloud Computing Contracts October 11, 2012 Lorene Novakowski Karam Bayrakal Covering Cloud Computing Cloud Computing Defined Models Manage Cloud Computing Risk Mitigation Strategy Privacy Contracts Best

More information

Clients Legal Needs in HIPAA Security Compliance

Clients Legal Needs in HIPAA Security Compliance Clients Legal Needs in HIPAA Security Compliance Robyn A. Meinhardt, JD, RN FOLEY & LARDNER LLP 2004 Preserving Attorney-Client Privilege and Work Product Protections 1 Relevance to Security Compliance

More information

PointCentral Subscription Agreement v.9.2

PointCentral Subscription Agreement v.9.2 PointCentral Subscription Agreement v.9.2 READ THIS SUBSCRIPTION AGREEMENT ( AGREEMENT ) CAREFULLY BEFORE INSTALLING THIS SOFTWARE. THIS AGREEMENT, BETWEEN CALYX TECHNOLOGY, INC., DBA CALYX SOFTWARE (

More information

TRIAL AGREEMENT FOR QUALIANCE

TRIAL AGREEMENT FOR QUALIANCE TRIAL AGREEMENT FOR QUALIANCE PLEASE READ THE TERMS OF THIS TRIAL AGREEMENT (THIS AGREEMENT ) CAREFULLY BEFORE SUBMITTING YOUR TRIAL REGISTRATION REQUEST THIS AGREEMENT GOVERNS ACCESS TO AND USE BY THE

More information

ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN

ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN ROLE OF CONTRACT MANAGEMENT IN A HEALTHCARE COMPLIANCE PROGRAM DESIGN John Riley Vice President of Sales MediTract, Inc. Session Overview Overview of Compliance Regulations affecting Contract Management

More information

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)

More information

Service Description: Dell Backup and Recovery Cloud Storage

Service Description: Dell Backup and Recovery Cloud Storage Service Description: Dell Backup and Recovery Cloud Storage Service Providers: Dell Marketing L.P. ( Dell ), One Dell Way, Round Rock, Texas 78682, and it s worldwide subsidiaries, and authorized third

More information

Cloud Computing. What is Cloud Computing?

Cloud Computing. What is Cloud Computing? Cloud Computing What is Cloud Computing? Cloud computing is where the organization outsources data processing to computers owned by the vendor. Primarily the vendor hosts the equipment while the audited

More information

Cloud Computing Risks in Financial Services Companies: How Attorneys Can Best Help In An Increasingly SaaS-ified World

Cloud Computing Risks in Financial Services Companies: How Attorneys Can Best Help In An Increasingly SaaS-ified World Cloud Computing Risks in Financial Services Companies: How Attorneys Can Best Help In An Increasingly SaaS-ified World July 30, 2015 Sutherland Webinar Michael Steinig 202.383.0804 Michael.Steinig@sutherland.com

More information

(a) the kind of data and the harm that could result if any of those things should occur;

(a) the kind of data and the harm that could result if any of those things should occur; Cloud Computing This information leaflet aims to advise organisations on the factors they should take into account in considering engaging cloud computing. It explains the relevance of the Personal Data

More information

FCC Dives Headfirst Into Privacy

FCC Dives Headfirst Into Privacy Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com FCC Dives Headfirst Into Privacy Law360, New York

More information

Privacy and Security Guidance Cloud Computing in the MUSH Sector

Privacy and Security Guidance Cloud Computing in the MUSH Sector dentons.com Privacy and Security Guidance Cloud Computing in the MUSH Sector Operational Privacy Risks and Opportunities in Cloud Computing: A Focus on Municipalities, Universities, School Boards, and

More information

Contracting for Cloud Computing

Contracting for Cloud Computing Contracting for Cloud Computing Geofrey L Master Mayer Brown JSM Partner +852 2843 4320 geofrey.master@mayerbrownjsm.com April 5th 2011 Mayer Brown is a global legal services organization comprising legal

More information

Using AWS in the context of Australian Privacy Considerations October 2015

Using AWS in the context of Australian Privacy Considerations October 2015 Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview

More information

Information Technology: This Year s Hot Issue - Cloud Computing

Information Technology: This Year s Hot Issue - Cloud Computing Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.

More information