Welcome & Introductions

Size: px
Start display at page:

Download "Welcome & Introductions"

Transcription

1 Addressing Data Privacy and Security Compliance in Cloud Computing Benjamin Hayes, Director of Legal Services, Data Privacy Compliance North America Accenture Copyright 2011 Accenture All Rights Reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Welcome & Introductions Benjamin Hayes, CIPP, CIPP/C, CIPP/G, CIPP/IT, CIPP/E Director of Legal Services, Data Privacy Compliance North America Accenture, LLP Copyright 2011 Accenture All Rights Reserved. 2 What does Accenture do? $31B company 250,000+ employees in 64 countries 3 lines of business: Management Consulting Business Process Outsourcing Technology / System Integration Copyright 2011 Accenture All Rights Reserved. 3 1

2 Agenda Introductions Data Privacy Legal Regulatory Update The Data Privacy legal landscape Recently enacted data privacy laws Cloud Computing Data Protection Compliance Considerations Overview: The Current Landscape Compliance Challenges Allocation of Responsibility Practical Considerations in working with Cloud Suppliers Discussion Copyright 2011 Accenture All Rights Reserved. 4 Data Privacy Legal Landscape Copyright 2011 Accenture All Rights Reserved. 5 Scope and substance of data privacy laws The privacy legal landscape Data Privacy laws address: the way in which companies and government bodies may collect, use, store, disclose, share, transfer and otherwise process personal data about individuals. Personal Data = any information about an identified or identifiable individual Duties of Companies when holding, using and sharing personal data of any individual, whether as a data owner or a service provider Rights of individuals in relation to their personal data e.g., right to access. Powers of supervisory government body to oversee and enforce the law, conduct investigations, impose sanctions for violations. Copyright 2011 Accenture All Rights Reserved. 6 2

3 3 Models for Privacy Laws General laws apply to all collection, use and disclosure of personal data (the omnibus model ) - Customers - Employees - Business contacts Sectoral laws apply only to specific business sectors like health care, financial services - Most broadly adopted in US and Asia No regulation - Privacy laws began in US/Europe and have spread to other parts of the world, but not universal Copyright 2011 Accenture All Rights Reserved. 7 Privacy Laws Around the World The privacy legal landscape 8 Copyright 2011 Accenture All Rights Reserved. 8 Major Data Privacy Legal Changes New laws: India (IT security regulations) Malaysia Mexico Peru China Philippines Changes / enhancements to existing laws: EU (E-Privacy Directive implementation) Taiwan South Korea Proposed additional changes: EU (changes to EU DP framework) Copyright 2011 Accenture All Rights Reserved. 9 3

4 Recently Enacted Data Privacy Laws APAC Taiwan, South Korea, China, India Comprehensive data privacy laws being adopted by countries which previously had none. Taiwan (effective November, 2011) - Aligns to EU standards, with variations on consent requirement. South Korea (effective September 30, 2011) - Similar to EU, but more restrictions on data exports (addl. guidance expected); restrictions on the use of CCTV. China - Jiangsu province (effective January 1, 2012) - EU-style law only in the province of Jiangsu the first comprehensive DP law at any level in China. Copyright 2011 Accenture All Rights Reserved. 10 Recently Enacted Data Privacy Laws: India Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011 Effective as of May, 2011 Issued under the authority of 2001 IT Act, as amended Applies only to sensitive personal information name (and any other data) in conjunction with: Financial account data Health information Passwords / biometric data Sexual orientation Initially thought to apply to data brought to India for processing, outsourcing was excluded from the regulations scope by Government clarification (Aug 2011). Copyright 2011 Accenture All Rights Reserved. 11 Recently Enacted Data Privacy Laws South America Mexico, Peru Mexico - Similar to Canada, the law basically aligns with EU standards, but does not include data export restrictions. - Data security regulations released Dec., 2011 Peru - The law basically aligns to EU standards, including restrictions on trans-border data flows. - No data breach notification requirements. Copyright 2011 Accenture All Rights Reserved. 12 4

5 Significant changes to EU Data Protection (Privacy) Directive planned January, the European Commission has issued a DRAFT Data Protection Regulation which would replace the existing EU Data Protection Directive Most of the current substance of the DP Directive will remain in force, but with several added requirements: Data security breach notification required to clients or to individuals within 24 hours Service Providers ( data processors ) would be directly regulated with regard to security and certain other provisions. Opt-in consent required (particularly for marketing) in many cases where it is not required currently Companies larger than 250 employees required to have data privacy officer with certain responsibilities. Copyright 2011 Accenture All Rights Reserved. 13 Trends in the new laws General trend is to embrace EU-style fair information practices (FIPs), but move away from EU-style data export restrictions (with some exceptions). Sometimes called the Canadian Model More attention to data security, but less technically prescriptive laws. More focus on independent standards regimes like ISO and PCI Data Security Standard. Growing acceptance of the Accountability Model which would articulate general principles of privacy laws, but would leave it to companies and third-party standards-setting bodies to create detailed program standards. Greater focus on Privacy by Design responsibility to build data privacy functionality into software and other technology. Copyright 2011 Accenture All Rights Reserved. 14 Cloud Computing Overview of the Current Landscape & Compliance Challenges Copyright 2011 Accenture All Rights Reserved. 15 5

6 A Working Definition of Cloud Computing Cloud computing is a model for enabling convenient, ondemand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. The cloud model allows for flexibility and scalability. There are three service models and four deployment models. Copyright 2011 Accenture All Rights Reserved Cloud Service Models Cloud Software as a Service (SaaS) Cloud provider hosts software so it doesn t need to be installed or managed and hardware doesn t need to be purchased for it Cloud Platform as a Service (PaaS) Black-box services with which developers can build applications on top of the computing infrastructure Cloud Infrastructure as a Service (IaaS) Processing, storage, network capacity, and other fundamental computing resources are rented Copyright 2011 Accenture All Rights Reserved Cloud Deployment Models Public cloud sold to the public; mega-scale infrastructure Private cloud enterprise owned or leased (e.g., co-location services) Hybrid cloud composition of two or more clouds Community cloud shared infrastructure for a specific community Copyright 2011 Accenture All Rights Reserved. 18 6

7 Compliance Challenges Data Security, Availability Compliance with strict technology standards (e.g., HIPAA, PCI, Spain, Italy, Romania) Data ownership Allocation of responsibility for security Exposure of data to government subpoenas (Patriot Act, India) Data retention and destruction issues Quality of service guarantees Attraction to hackers-especially for public clouds Possibility for massive outages vs. data availability requirements Copyright 2011 Accenture All Rights Reserved. 19 Compliance Challenges Who is subject to the law? Most privacy laws apply to classes of entities, instead of classes of data. The effect is that service providers are typically not governed directly by privacy laws, but by service contracts with data owners (clients). Cloud particularly public cloud service contracts are not designed to be highly negotiated. Indeed, for most customers they are not intended nor will they be negotiated at all. Where does this leave the data owner who must satisfy privacy and security requirements under X law, to which the cloud supplier is not subject? Copyright 2011 Accenture All Rights Reserved. 20 Compliance Challenges (cont.) How the EU Views Cloud Computing Mere hosting, even without logical access to data, is still considered processing under EU privacy laws. Insistence on standard EU Model Clauses or Safe Harbor to create a lawful basis for non-eu data storage. Concern and suspicion about access by foreign (e.g. U.S., India, China) governments to data stored in non-eu cloud. Some EU regulators taking the view that EU businesses should use EU-only clouds. Required already under certain public sector rules. Under new proposed EU rules, non-eu cloud providers might be subject to extraterritorial EU laws when hosting EU data. Copyright 2011 Accenture All Rights Reserved. 21 7

8 Cloud Computing Allocation of Responsibility Copyright 2011 Accenture All Rights Reserved. 22 How is Cloud different than traditional hosting? In traditional hosting, an entire application and its data reside on known physical machines. - In cloud computing, application and data are on known virtual servers, but physical location is dynamic and always changing. In traditional hosting, host plays an active role in configuration and/or maintenance of the application and its data responsible for backups, network security, etc. - (IaaS / PaaS) Cloud is more self-service for application owners many optional functions and components, but nothing works until configured and activated by the application owner. Example: backup no backup will occur unless the data controller chooses and provisions a backup mechanism; then provider is responsible for executing it Copyright 2011 Accenture All Rights Reserved. 23 The effect of virtualization on the roles of the parties Virtualization means that applications and data are split up across many physical servers. s and data can only be reassembled by the virtualization layer, without access to the VL the data is viewable only as unreadable 1s and 0s. In IaaS and PaaS cloud models, system administrators may not have access to client-controlled virtualization layers the effect is no access to data. Important to understand exactly what access and where it occurs cloud provider has. The implication is that Cloud providers (other than SaaS) have no ability to control application-level security (e.g. access rights, authentication, encryption, logging, data quality, etc.) these functions must be established and maintained by the manager of the application. SaaS is different in this model the cloud provider is also responsible for application-layer security. Copyright 2011 Accenture All Rights Reserved. 24 8

9 Cloud requires a reallocation of responsibilities: Substantive Data Privacy requirements (Fair Information Practices) must be met entirely by data controllers in IaaS / PaaS models. Shared responsibility in SaaS but who is responsible for software design? Any security requirement that can be executed at the application or database level (e.g., authentication, access logs, encryption, password complexity, etc.) are responsibility of application manager. Justice is blind the law requires that things be done, but is not particular as to who does them IaaS / PaaS providers are left with a residuary of physical, facilities, network and hardware responsibilities, as well as logging and access controls for helpdesk and admin super-users. Copyright 2011 Accenture All Rights Reserved. 25 System Component Responsibility and Control by Cloud Type On Premise Infrastructure as a Service Platform as a Service Software as a Service User Managed Architecture System Software Database Operating System Physical security User Managed Architecture System Software Database Operating System Physical security User Managed Architecture System Software Database Operating System Physical security Cloud Architecture System Software Database Operating System Physical security Cloud Servers Servers Servers Servers Storage Storage Cloud Storage Storage Network Network Network Network Encryption Encryption Encryption Encryption Copyright 2011 Accenture All Rights Reserved. 26 Common Fallacies Encrypting data absolves the cloud supplier of any responsibility for security If the application is stored on the cloud, data typically cannot be encrypted during use by the application Cloud host admin personnel or help desk often have some type of access (more common in PaaS than IaaS, very common in SaaS) All compliance can occur at the application level HIPAA, Spain, Italy, others have physical, hardware and other security requirements that can only be met by a data host. Copyright 2011 Accenture All Rights Reserved. 27 9

10 Perspective from a Cloud System Integrator Copyright 2011 Accenture All Rights Reserved. 28 Accenture s position as a reseller of third-party cloud services Cloud Terms of Service Client requirements Copyright 2011 Accenture All Rights Reserved. 29 What is the problem? Public Cloud 1.0 business model (c. 2009) did not address clients legal compliance needs. Standard terms for cloud services are typically insufficient to meet clients regulatory requirements for regulated data, and are presented as non-negotiable -Result: regulated data could not be placed into the cloud. Situation began to change in 2011 This is now changing as some cloud suppliers see privacy and security compliance as a competitive differentiator More willingness to accept EU Model Clauses, to certify to independent security standards, to Copyright 2011 Accenture All Rights Reserved

11 Accenture s Solution the Mother of All Security Schedules (MOASS) For use only with IaaS and PaaS providers Based on 33 privacy and security laws in 29 countries Derived from the superset of security requirements Does not address PCI Data Security Standard (payment card data) Does not include requirements that can be executed as part of application management these are the responsibility of the application manager (either the client or the system integrator) Includes EU Model Clauses, a HIPAA Business Associate Agreement, and terms drawn from laws in most major economies. Suppliers who agree to terms can be said to comply with their portion of responsibilities under most privacy laws. Copyright 2011 Accenture All Rights Reserved. 31 A pragmatic approach to compliance in the cloud Copyright 2011 Accenture All Rights Reserved. 32 Practical considerations Understand the landscape Going into the cloud with eyes open means: Understand that the cloud is a more self-service service model than traditional hosting or ASP services. Chances are excellent that your company will retain most of the responsibility for application-related compliance requirements. Do not expect to devolve a significant number of compliance responsibilities or a significant amount of liability for data breaches to the cloud. Do not expect a high degree of visibility into the technical operations of your cloud. Bottom line: cloud is low-cost, commoditized computing power that can create powerful business cases for its use, but you re largely on your own when it comes to compliance. Copyright 2011 Accenture All Rights Reserved

12 Practical considerations Understand the data Identify: -- what data will be moved to the cloud? -- what law(s) is it subject to? -- which requirements can be performed at the application level, or using a la carte PaaS services? Whatever cannot be managed directly by the data controller / application manager must be flowed down to the cloud host by contract: -- Physical security -- Hardware requirements -- Access, authentication, logging, and workstation controls for cloud admin / helpdesk personnel with access to data Copyright 2011 Accenture All Rights Reserved. 34 Practical Consideration - Understand the proposed cloud Where are the data centers? -- You don t need a street address just what countries? What supplier personnel can obtain access to production data and under what circumstances? -- Where (what countries) are these people based? What do standard terms and conditions include? -- EU Model Clauses or Safe Harbor? -- Attestations concerning specific security measures to be followed? -- Audit rights? If standard terms do not address all compliance requirements, will supplier agree to alter standard terms? -- If not, STOP. If you have unmet compliance responsibilities and the supplier won t accommodate them in the contract, change suppliers or explore hybrid cloud options. Does the supplier have credible audit reports it is willing to share, or will it allow you to perform a security review? What SLAs will the cloud commit to regarding uptime, availability of data, portability, etc? Copyright 2011 Accenture All Rights Reserved. 35 Practical Consideration - Manage expectations about flow-downs Recognize that cloud suppliers will not negotiate terms like other subcontractors: Willingness to negotiate terms at all may be tied to minimum monthly spend commitments Full rights of audit for data security are not likely to be agreed Unlimited liability for data breaches is basically impossible Important to understand what terms supplier has accepted with other clients and whether there is any opportunity to negotiate if terms do not appear to support your compliance requirements. Copyright 2011 Accenture All Rights Reserved

13 Resources Discussion Copyright 2011 Accenture All Rights Reserved. 37 Contact Information Contact: Ben Hayes Director of Legal Services, Data Privacy Compliance North America Copyright 2011 Accenture All Rights Reserved

AskAvanade: Answering the Burning Questions around Cloud Computing

AskAvanade: Answering the Burning Questions around Cloud Computing AskAvanade: Answering the Burning Questions around Cloud Computing There is a great deal of interest in better leveraging the benefits of cloud computing. While there is a lot of excitement about the cloud,

More information

The Cloud Computing Revolution: Beyond the Hype

The Cloud Computing Revolution: Beyond the Hype The Cloud Computing Revolution: Beyond the Hype KEN ADLER Partner and Chair, Technology and Outsourcing Practice Group Loeb & Loeb LLP Outsourcing in Financial Services Program October 19, 2010 Overview

More information

The Keys to the Cloud: The Essentials of Cloud Contracting

The Keys to the Cloud: The Essentials of Cloud Contracting The Keys to the Cloud: The Essentials of Cloud Contracting September 30, 2014 Bert Kaminski Assistant General Counsel, Oracle North America Ken Adler Partner, Loeb & Loeb LLP Akiba Stern Partner, Loeb

More information

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect

OWASP Chapter Meeting June 2010. Presented by: Brayton Rider, SecureState Chief Architect OWASP Chapter Meeting June 2010 Presented by: Brayton Rider, SecureState Chief Architect Agenda What is Cloud Computing? Cloud Service Models Cloud Deployment Models Cloud Computing Security Security Cloud

More information

Article 29 Working Party Issues Opinion on Cloud Computing

Article 29 Working Party Issues Opinion on Cloud Computing Client Alert Global Regulatory Enforcement If you have questions or would like additional information on the material covered in this Alert, please contact one of the authors: Cynthia O Donoghue Partner,

More information

Cloud Computing: Legal Risks and Best Practices

Cloud Computing: Legal Risks and Best Practices Cloud Computing: Legal Risks and Best Practices A Bennett Jones Presentation Toronto, Ontario Lisa Abe-Oldenburg, Partner Bennett Jones LLP November 7, 2012 Introduction Security and Data Privacy Recent

More information

Security Issues in Cloud Computing

Security Issues in Cloud Computing Security Issues in Computing CSCI 454/554 Computing w Definition based on NIST: A model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources

More information

Information Technology: This Year s Hot Issue - Cloud Computing

Information Technology: This Year s Hot Issue - Cloud Computing Information Technology: This Year s Hot Issue - Cloud Computing Presented by: Alan Sutin Global IP & Technology Practice Group GREENBERG TRAURIG, LLP ATTORNEYS AT LAW WWW.GTLAW.COM 2011. All rights reserved.

More information

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009

Perspectives on Moving to the Cloud Paradigm and the Need for Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 Perspectives on Moving to the Cloud Paradigm and the Need for Standards Peter Mell, Tim Grance NIST, Information Technology Laboratory 7-11-2009 2 NIST Cloud Computing Resources NIST Draft Definition of

More information

Orchestrating the New Paradigm Cloud Assurance

Orchestrating the New Paradigm Cloud Assurance Orchestrating the New Paradigm Cloud Assurance Amsterdam 17 January 2012 John Hermans - Partner Current business challenges versus traditional IT Organizations are challenged with: Traditional IT seems

More information

Recommendations for companies planning to use Cloud computing services

Recommendations for companies planning to use Cloud computing services Recommendations for companies planning to use Cloud computing services From a legal standpoint, CNIL finds that Cloud computing raises a number of difficulties with regard to compliance with the legislation

More information

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu

Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu Cloud Computing demystified! ISACA-IIA Joint Meeting Dec 9, 2014 By: Juman Doleh-Alomary Office of Internal Audit jdoleh@wayne.edu 2 If cloud computing is so simple, then what s the big deal? What is the

More information

Data Management Session: Privacy, the Cloud and Data Breaches

Data Management Session: Privacy, the Cloud and Data Breaches Data Management Session: Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, IIS President, iappanz IACCM APAC Australia Sydney, 1 August 2012 Overview Changing privacy regulation

More information

Using AWS in the context of Australian Privacy Considerations October 2015

Using AWS in the context of Australian Privacy Considerations October 2015 Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview

More information

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES: Privacy Responsibilities and Considerations Cloud computing is the delivery of computing services over the Internet, and it offers many potential

More information

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL

Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL Summary of responses to the public consultation on Cloud computing run by CNIL from October to December 2011 and analysis by CNIL 1. Definition of Cloud Computing In the public consultation, CNIL defined

More information

Data Processing Agreement for Oracle Cloud Services

Data Processing Agreement for Oracle Cloud Services Data Processing Agreement for Oracle Cloud Services Version December 1, 2013 1. Scope and order of precedence This is an agreement concerning the Processing of Personal Data as part of Oracle s Cloud Services

More information

Cloud Computing. Introduction

Cloud Computing. Introduction Cloud Computing Introduction This information leaflet aims to advise organisations which are considering engaging cloud computing on the factors they should consider. It explains the relationship between

More information

Top 10 Cloud Risks That Will Keep You Awake at Night

Top 10 Cloud Risks That Will Keep You Awake at Night Top 10 Cloud Risks That Will Keep You Awake at Night Shankar Babu Chebrolu Ph.D., Vinay Bansal, Pankaj Telang Photo Source flickr.com .. Amazon EC2 (Cloud) to host Eng. Lab testing. We want to use SalesForce.com

More information

Cloud Computing Contracts. October 11, 2012

Cloud Computing Contracts. October 11, 2012 Cloud Computing Contracts October 11, 2012 Lorene Novakowski Karam Bayrakal Covering Cloud Computing Cloud Computing Defined Models Manage Cloud Computing Risk Mitigation Strategy Privacy Contracts Best

More information

Contracting for Cloud Computing

Contracting for Cloud Computing Contracting for Cloud Computing Geofrey L Master Mayer Brown JSM Partner +852 2843 4320 geofrey.master@mayerbrownjsm.com April 5th 2011 Mayer Brown is a global legal services organization comprising legal

More information

Legal Issues in the Cloud: A Case Study. Jason Epstein

Legal Issues in the Cloud: A Case Study. Jason Epstein Legal Issues in the Cloud: A Case Study Jason Epstein Outline Overview of Cloud Computing Service Models (SaaS, PaaS, IaaS) Deployment Models (Private, Community, Public, Hybrid) Adoption Different types

More information

Cloud Security Strategies. Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems

Cloud Security Strategies. Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems Cloud Security Strategies Fabio Gianotti, Head of Cyber Security and Enterprise Security Systems London, 14 October 2015 UNICREDIT AT A GLANCE Employees: more than 146.600 Branches: 8.403 Banking operations

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Anatomy of a Cloud Computing Data Breach

Anatomy of a Cloud Computing Data Breach Anatomy of a Cloud Computing Data Breach Sheryl Falk Mike Olive ACC Houston Chapter ITPEC Practice Group September 18, 2014 1 Agenda Ø Cloud 101 Welcome to Cloud Computing Ø Cloud Agreement Considerations

More information

Isaac Willett April 5, 2011

Isaac Willett April 5, 2011 Current Options for EHR Implementation: Cloud or No Cloud? Regina Sharrow Isaac Willett April 5, 2011 Introduction Health Information Technology for Economic and Clinical Health Act ( HITECH (HITECH Act

More information

5/29/2015. Auditing IT Contracts From Afar. Disclaimer. Agenda

5/29/2015. Auditing IT Contracts From Afar. Disclaimer. Agenda Auditing IT Contracts From Afar Ensuring Compliance Michael Carr, JD, CISSP, CIPP Director, Enterprise IT Architecture & Chief Information Security Officer University of Kentucky June 2015 Disclaimer The

More information

Data Protection Act 1998. Guidance on the use of cloud computing

Data Protection Act 1998. Guidance on the use of cloud computing Data Protection Act 1998 Guidance on the use of cloud computing Contents Overview... 2 Introduction... 2 What is cloud computing?... 3 Definitions... 3 Deployment models... 4 Service models... 5 Layered

More information

4/30/2014. Avoiding no to cloud computing. What is the Cloud Data as a Driver Regulations Avoiding No. Cloud Computing

4/30/2014. Avoiding no to cloud computing. What is the Cloud Data as a Driver Regulations Avoiding No. Cloud Computing Avoiding no to cloud computing A Primer for Compliance Professionals Janet Himmelreich, CCEP, CCEP-I Head, Client Compliance Services Centre of Excellence BT Global Services Al Silipigni SVP, CHIEF PRIVACY

More information

Cloud Computing and HIPAA Privacy and Security

Cloud Computing and HIPAA Privacy and Security Cloud Computing and HIPAA Privacy and Security This is just one example of the many online resources Practical Law Company offers. Christine A. Williams, Perkins Coie LLP, with PLC Employee Benefits &

More information

LEGAL ISSUES IN CLOUD COMPUTING

LEGAL ISSUES IN CLOUD COMPUTING LEGAL ISSUES IN CLOUD COMPUTING RITAMBHARA AGRAWAL INTELLIGERE 1 CLOUD COMPUTING Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing

More information

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter

Cloud Security considerations for business adoption. Ricci IEONG CSA-HK&M Chapter Cloud Security considerations for business adoption Ricci IEONG CSA-HK&M Chapter What is Cloud Computing? Slide 2 What is Cloud Computing? My Cloud @ Internet Pogoplug What is Cloud Computing? Compute

More information

(a) the kind of data and the harm that could result if any of those things should occur;

(a) the kind of data and the harm that could result if any of those things should occur; Cloud Computing This information leaflet aims to advise organisations on the factors they should take into account in considering engaging cloud computing. It explains the relevance of the Personal Data

More information

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station

Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station Cloud Computing Flying High (or not) Ben Roper IT Director City of College Station What is Cloud Computing? http://www.agent-x.com.au/ Wikipedia - the use of computing resources (hardware and software)

More information

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com

SECURING HEALTH INFORMATION IN THE CLOUD. Feisal Nanji, Executive Director, Techumen feisal@techumen.com SECURING HEALTH INFORMATION IN THE CLOUD Feisal Nanji, Executive Director, Techumen feisal@techumen.com Conflict of Interest Disclosure Feisal Nanji, MPP, CISSP Has no real or apparent conflicts of interest

More information

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Speaker Bio Chad Kissinger Chad Kissinger Founder OnRamp Chad Kissinger is the Founder of OnRamp, an industry leading high security and hybrid hosting

More information

Insights into Cloud Computing

Insights into Cloud Computing This article was originally published in the November 2010 issue of the Intellectual Property & Technology Law Journal. ARTICLE Insights into Cloud Computing The basic point of cloud computing is to avoid

More information

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org

Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org Cloud Computing and Security Risk Analysis Qing Liu Technology Architect STREAM Technology Lab Qing.Liu@chi.frb.org 1 Disclaimers This presentation provides education on Cloud Computing and its security

More information

Auditing Cloud Computing and Outsourced Operations

Auditing Cloud Computing and Outsourced Operations Session 136 Auditing Cloud Computing and Outsourced Operations Monday, May 7, 2012 3:30 PM 5:00 PM Mike Schiller Director of Sales & Marketing IT, Texas Instruments Co Author, IT Auditing: Using Controls

More information

John Essner, CISO Office of Information Technology State of New Jersey

John Essner, CISO Office of Information Technology State of New Jersey John Essner, CISO Office of Information Technology State of New Jersey http://csrc.nist.gov/publications/nistpubs/800-144/sp800-144.pdf Governance Compliance Trust Architecture Identity and Access Management

More information

Architecting the Cloud

Architecting the Cloud Architecting the Cloud Sumanth Tarigopula Director, India Center, Best Shore Applications Services 2011Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without

More information

Cloud Security Who do you trust?

Cloud Security Who do you trust? Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Privacy, the Cloud and Data Breaches

Privacy, the Cloud and Data Breaches Privacy, the Cloud and Data Breaches Annelies Moens Head of Sales and Operations, Information Integrity Solutions Legalwise Seminars Sydney, 20 March 2013 About IIS Building trust and privacy through global

More information

How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015

How Microsoft is taking Privacy by Design to Work. Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 How Microsoft is taking Privacy by Design to Work Alan Chan National Technology Officer Microsoft Hong Kong 7 May 2015 Agenda Introducing the New Microsoft Microsoft privacy principle Protecting privacy

More information

Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011

Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011 Presenter Russell Rusty Weiss Partner

More information

IT-CAST 2015 Cloud Total Ownership Costing: Considering the Technologies, Costs and Benefits

IT-CAST 2015 Cloud Total Ownership Costing: Considering the Technologies, Costs and Benefits IT-CAST 2015 Cloud Total Ownership Costing: Considering the Technologies, Costs and Benefits Daniel D. Galorath, CEO Galorath Inc. Steven Woodward, CEO, Cloud Perspectives Portions Copyright Cloud Perspectives

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5

Cloud Computing: The atmospheric jeopardy. Unique Approach Unique Solutions. Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Cloud Computing: The atmospheric jeopardy Unique Approach Unique Solutions Salmon Ltd 2014 Commercial in Confidence Page 1 of 5 Background Cloud computing has its place in company computing strategies,

More information

Public Versus Private Cloud Services

Public Versus Private Cloud Services Public Versus Private Cloud Services Table of Contents vs. What constitutes a Public Cloud versus a Private Cloud solution? When considering moving to a public Cloud infrastructure, what questions should

More information

Evolving Technology Issues: Cloud Computing

Evolving Technology Issues: Cloud Computing Evolving Technology Issues: Cloud Computing Michael Bennett October 16, 2011 2011 Edwards Wildman Palmer LLP & Edwards Wildman Palmer UK LLP Cloud Computing Does compliance with applicable laws fall to

More information

FAQ: HIPAA AND CLOUD COMPUTING (v1.0)

FAQ: HIPAA AND CLOUD COMPUTING (v1.0) FAQ: HIPAA AND CLOUD COMPUTING (v1.0) 7 August 2013 Cloud computing outsourcing core infrastructural computing functions to dedicated providers holds great promise for health care. It can result in more

More information

Cloud Services Overview

Cloud Services Overview Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture

More information

Data Centres North Data Centre Security is the tail wagging the dog? May 11-12 2015

Data Centres North Data Centre Security is the tail wagging the dog? May 11-12 2015 Data Centres North Data Centre Security is the tail wagging the dog? May 11-12 2015 Mark Bailey - Partner charlesrussellspeechlys.com Introduction Why do data centres exist? process data? protect data?

More information

WHITEPAPER. Data Security for Office 365 Balancing control & usability

WHITEPAPER. Data Security for Office 365 Balancing control & usability WHITEPAPER Data Security for Office 365 Balancing control & usability Contents Executive Summary... 2 Top Security Issues for Office 365... 4 Compelled Disclosures... 4 Unauthorized Sharing... 4 External

More information

Security & Trust in the Cloud

Security & Trust in the Cloud Security & Trust in the Cloud Ray Trygstad Director of Information Technology, IIT School of Applied Technology Associate Director, Information Technology & Management Degree Programs Cloud Computing Primer

More information

Cloud Computing: Contracting and Compliance Issues for In-House Counsel

Cloud Computing: Contracting and Compliance Issues for In-House Counsel International In-house Counsel Journal Vol. 6, No. 23, Spring 2013, 1 Cloud Computing: Contracting and Compliance Issues for In-House Counsel SHAHAB AHMED Director Legal and Corporate Affairs, Microsoft,

More information

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015

Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 Annex 1. Contract Checklist for Cloud-Based Genomic Research Version 1.0, 21 July 2015 The following comprises a checklist of areas that genomic research organizations or consortia (collectively referred

More information

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc. hhughes@uslegalsupport.com www.uslegalsupport.com HIPAA Privacy Rule Sets standards for confidentiality and privacy of individually

More information

Clinical Trials in the Cloud: A New Paradigm?

Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo Clinical Trials in the Cloud: A New Paradigm? Marc Desgrousilliers CTO at Clinovo What is a Cloud? (1 of 3) "Cloud computing is a model for enabling convenient, on-demand

More information

Key Considerations of Regulatory Compliance in the Public Cloud

Key Considerations of Regulatory Compliance in the Public Cloud Key Considerations of Regulatory Compliance in the Public Cloud W. Noel Haskins-Hafer CRMA, CISA, CISM, CFE, CGEIT, CRISC 10 April, 2013 w_haskins-hafer@intuit.com Disclaimer Unless otherwise specified,

More information

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations

The Cloud at 30,000 feet. Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations The Cloud at 30,000 feet Art Ridgway Scripps Media Inc. Managing Director Newspaper IT Operations Survey: Where s home? How many using cloud computing now? How many thinking of using cloud computing? How

More information

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister

Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister 2011 Morrison & Foerster LLP All Rights Reserved mofo.com Global Privacy and Data Security in the Cloud September 14, 2011 Miriam Wugmeister Presenter Miriam Wugmeister Morrison & Foerster LLP New York

More information

Information Security: Cloud Computing

Information Security: Cloud Computing Information Security: Cloud Computing Simon Taylor MSc CLAS CISSP CISMP PCIRM Director & Principal Consultant All Rights Reserved. Taylor Baines Limited is a Registered Company in England & Wales. Registration

More information

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto

Cloud Computing: What needs to Be Validated and Qualified. Ivan Soto Cloud Computing: What needs to Be Validated and Qualified Ivan Soto Learning Objectives At the end of this session we will have covered: Technical Overview of the Cloud Risk Factors Cloud Security & Data

More information

Cloud Security Introduction and Overview

Cloud Security Introduction and Overview Introduction and Overview Klaus Gribi Senior Security Consultant klaus.gribi@swisscom.com May 6, 2015 Agenda 2 1. Cloud Security Cloud Evolution, Service and Deployment models Overview and the Notorious

More information

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

East African Information Conference 13-14 th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud? East African Information Conference 13-14 th August, 2013, Kampala, Uganda Security and Privacy: Can we trust the cloud? By Dr. David Turahi Director, Information Technology and Information Management

More information

WELCOME TO SECURE360 2013

WELCOME TO SECURE360 2013 WELCOME TO SECURE360 2013 Don t forget to pick up your Certificate of Attendance at the end of each day. Please complete the Session Survey front and back, and leave it on your seat. Are you tweeting?

More information

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD

Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD Daren Kinser Auditor, UCSD Jennifer McDonald Auditor, UCSD Agenda Cloud Computing Technical Overview Cloud Related Applications Identified Risks Assessment Criteria Cloud Computing What Is It? National

More information

Privacy Implications of Cloud Computing in Israel

Privacy Implications of Cloud Computing in Israel January 2012 Privacy Implications of Cloud Computing in Israel Adv. Naomi Assia Co-chairman of the Data Protection Committee -ITECHLAW www.computer-law.co.il Cloud Computing One widely accepted definition

More information

Cloud Security Trust Cisco to Protect Your Data

Cloud Security Trust Cisco to Protect Your Data Trust Cisco to Protect Your Data As cloud adoption accelerates, organizations are increasingly placing their trust in third-party cloud service providers (CSPs). But can you fully trust your most sensitive

More information

ISO 27001 COMPLIANCE WITH OBSERVEIT

ISO 27001 COMPLIANCE WITH OBSERVEIT ISO 27001 COMPLIANCE WITH OBSERVEIT OVERVIEW ISO/IEC 27001 is a framework of policies and procedures that include all legal, physical and technical controls involved in an organization s information risk

More information

The Challenges of Applying HIPAA to the Cloud. Adam Greene, Partner Davis Wright Tremaine LLP

The Challenges of Applying HIPAA to the Cloud. Adam Greene, Partner Davis Wright Tremaine LLP The Challenges of Applying HIPAA to the Cloud Adam Greene, Partner Davis Wright Tremaine LLP AGENDA Key Concepts Under HIPAA HIPAA Obligations for a BA Questions Remain Reaching Answers Resources KEY CONCEPTS

More information

Data safety at UXprobe. White Paper Copyright 2015 UXprobe bvba

Data safety at UXprobe. White Paper Copyright 2015 UXprobe bvba Data safety at UXprobe White Paper Copyright 2015 UXprobe bvba Table of contents Executive summary.... 3 1. Google App Engine... 4 2. Security at Google... 4 2.1. Data Access and identity... 4 2.2. Storage...

More information

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week

Cloud Security Panel: Real World GRC Experiences. ISACA Atlanta s 2013 Annual Geek Week Cloud Security Panel: Real World GRC Experiences ISACA Atlanta s 2013 Annual Geek Week Agenda Introductions Recap: Overview of Cloud Computing and Why Auditors Should Care Reference Materials Panel/Questions

More information

AHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS

AHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS AHLA JJ. Keeping Your Cloud Services Provider from Raining on Your Parade Jean Hess Manager HORNE LLP Ridgeland, MS Melissa Markey Hall Render Killian Heath & Lyman PC Troy, MI Physicians and Hospitals

More information

INFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013

INFORMATION SECURITY GUIDE. Cloud Computing Outsourcing. Information Security Unit. Information Technology Services (ITS) July 2013 INFORMATION SECURITY GUIDE Cloud Computing Outsourcing Information Security Unit Information Technology Services (ITS) July 2013 CONTENTS 1. Background...2 2. Legislative and Policy Requirements...3 3.

More information

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com

Cloud Security Case Study Amazon Web Services. Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com Cloud Security Case Study Amazon Web Services Ugo Piazzalunga Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com Agenda 1. Amazon Web Services challenge 2. Virtual Instances and Virtual Storage

More information

Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1

Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1 Running head: TAKING A DEEPER LOOK AT THE CLOUD: SOLUTION OR 1 Taking a Deeper Look at the Cloud: Solution or Security Risk? LoyCurtis Smith East Carolina University TAKING A DEEPER LOOK AT THE CLOUD:

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin Best Practices for Security in the Cloud John Essner, Director

More information

Data Privacy, Security, and Risk Management in the Cloud

Data Privacy, Security, and Risk Management in the Cloud Data Privacy, Security, and Risk Management in the Cloud Diana S. Hare, Associate General Counsel and Chief Privacy Counsel, Drexel University David W. Opderbeck, Counsel, Gibbons P.C. Robin Rosenberg,

More information

How to ensure control and security when moving to SaaS/cloud applications

How to ensure control and security when moving to SaaS/cloud applications How to ensure control and security when moving to SaaS/cloud applications Stéphane Hurtaud Partner Information & Technology Risk Deloitte Laurent de la Vaissière Directeur Information & Technology Risk

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

The HR Skinny: Effectively managing international employee data flows

The HR Skinny: Effectively managing international employee data flows The HR Skinny: Effectively managing international employee data flows Topics we will cover today Laws affecting HR data flows HR international data protection challenges and strategic solutions Case study

More information

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University

Cloud Computing: Opportunities, Challenges, and Solutions. Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University Cloud Computing: Opportunities, Challenges, and Solutions Jungwoo Ryoo, Ph.D., CISSP, CISA The Pennsylvania State University What is cloud computing? What are some of the keywords? How many of you cannot

More information

Cloud Computing: Risks and Auditing

Cloud Computing: Risks and Auditing IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG

More information

GDPR & Cloud Providers Keynote Presentation

GDPR & Cloud Providers Keynote Presentation Cloudscape VII 9 March 2015 GDPR & Cloud Providers Keynote Presentation Kuan Hon Research Consultant, Cloud Legal Project & MCCRC Centre for Commercial Law Studies Queen Mary, University of London w.k.hon@qmul.ac.uk

More information

Implementing Privacy Compliant Hybrid Cloud Solutions

Implementing Privacy Compliant Hybrid Cloud Solutions Implementing Privacy Compliant Hybrid Cloud Solutions SESSION ID: DSP-T07A Peter J Reid Privacy Officer, Enterprise Business Hewlett-Packard Company Historical IT Outsourcing Perspective Cloud Web 2.0

More information

Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com

Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations. kpmg.com Effectively using SOC 1, SOC 2, and SOC 3 reports for increased assurance over outsourced operations kpmg.com b Section or Brochure name Effectively using SOC 1, SOC 2, and SOC 3 reports for increased

More information

Into the Cloud: How will the Draft EU Data Protection Regulation affect cloud computing service providers and users?

Into the Cloud: How will the Draft EU Data Protection Regulation affect cloud computing service providers and users? 10 Juni 2013 Taylor Wessing - Essay Competition 2013 Into the Cloud: How will the Draft EU Data Protection Regulation affect cloud computing service providers and users? by Katarina Kesselová, LLM. Introduction

More information

IAPP Privacy Certification

IAPP Privacy Certification IAPP Privacy Certification Program Introduction to the Certification Foundation copyright 2011, IAPP Overview Each candidate who seeks an IAPP privacy certification for the very first time must complete

More information

Checklist: Cloud Computing Agreement

Checklist: Cloud Computing Agreement Checklist: Cloud Computing Agreement crosslaw s checklists Date : 21 November 2015 Version 1.4 Tags : ICT Law Johan Vandendriessche Johan is partner and heads the ICT/IP/Data Protection practice. He combines

More information

Every Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World

Every Cloud Has A Silver Lining. Protecting Privilege Data In A Hosted World Every Cloud Has A Silver Lining Protecting Privilege Data In A Hosted World May 7, 2014 Introduction Lindsay Stevens Director of Software Development Liquid Litigation Management, Inc. lstevens@llminc.com

More information

Virtual Law Practice and the Online Delivery of Legal Services

Virtual Law Practice and the Online Delivery of Legal Services Virtual Law Practice and the Online Delivery of Legal Services presented by Stephanie Kimbro Attorney, Kimbro Legal Services Technology Consultant, Total Attorneys Canadian Discipline Administrators Conference

More information

The Private Cloud Your Controlled Access Infrastructure

The Private Cloud Your Controlled Access Infrastructure White Paper: Private Clouds The ongoing debate on the differences between a Public and Private Cloud are broad and often loud. The bottom line is that it s really about how the resource, or computing power,

More information

POWER PROTECT PROMOTE. Information Governance In The Cloud

POWER PROTECT PROMOTE. Information Governance In The Cloud Information Governance In The Cloud Galina Datskovsky, Ph. D., CRM President of ARMA International SVP Information Governance Solutions Topics Cloud Characteristics And Risks Information Management In

More information

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers

HIPAA in the Cloud How to Effectively Collaborate with Cloud Providers How to Effectively Collaborate with Cloud Providers Agenda Overview of Topics Covered Agenda Evolution of the Cloud Comparison of Private vs. Public Clouds Other Regulatory Frameworks Similar to HIPAA

More information

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini

Personal data and cloud computing, the cloud now has a standard. by Luca Bolognini Personal data and cloud computing, the cloud now has a standard by Luca Bolognini Lawyer, President of the Italian Institute for Privacy and Data Valorization, founding partner ICT Legal Consulting Last

More information