Cloud Computing legal considerations

Legal Issues in Cloud Computing

Organizations considering using the cloud computing model should carefully consider a long list of legal issues before taking the plunge, an attorney advises.

In an interview, Marilyn Lamar, a partner at Liss & Lamar, advises those considering using remotely hosted applications to:

• Make sure the cloud computing vendor adequately addresses confidentiality, data integrity and availability issues.
• Specify in the contract how the vendor will preserve and produce information for e-discovery requests in court cases.
• Include extra security details in the business associate agreement, especially related to disaster recovery provisions. She points out that under proposed modifications to HIPAA, as called for under the HITECH Act, vendors serving healthcare organizations must comply with the HIPAA security rule.
• Make sure the vendor uses at least the same level of encryption as your organization. “You don’t want the third party to be the weak link in the chain,” Lamar says.
• Consider the risks related to where the vendor’s data center is located. An offshore center, for example, might present terrorist risks, while a domestic center might be in an area prone to earthquakes.
• Make sure, under the terms of the contract, that your organization is always able to retrieve data whenever it wants it, not just in case the vendor goes bankrupt. Plus, the data should be available in a specified format that’s easy to use.
• Ensure the contract specifies that all security provisions will continue to be carried out if the vendor is taken over by another company.

Read more

Here are some related posts:

Tags: cloud computing, considerations, Legal

Category: Cloud Computing News, legal, Litigation, Resources, Security, Tools