As we push into 2017, there’s no doubt that businesses are fully embracing the cloud. The International Data Corporation estimates that end-user spending on cloud migration, computing, and services will reach over $44 billion this year. It’s hard to deny the obvious cost-saving benefits that comes with reducing or eliminating IT infrastructure. However, migrating to the cloud does pose a unique set of legal risks for you to consider.
First off, do not make the mistake of assuming you “own” the data you migrate to the cloud. You must be sure to detail the ownership of your data in the contract you draft with your service provider. Be sure to stipulate that when your contract is terminated the provider will deliver a copy of your data back to you and destroy all other copies in its possession. This is especially crucial if you’re dealing with a risky vendor who may eventually be squeezed out of the market.
“Is it secure?” This is one of the most significant questions to consider when it comes to the cloud. Businesses and individuals are both highly concerned about data theft. To ensure your data is safe, Tech Republic recommends requesting the following in your contract:
- The right to audit security practices and data centers
- Immediate notification in the case of a security breach
- Data encryption
Businesses in the U.S. are often subject to one or more data protection or privacy laws. Furthermore, the law holds organizations responsible for their subcontractors. This will affect dealings with your cloud provider.
For example, a healthcare organization may wish to migrate patient information that falls under the Health Insurance Portability and Accountability Act (HIPAA) to the cloud. The organization must be sure to use a cloud service provider that will sign a HIPAA business associate agreement.
In addition to regulations such as HIPAA, companies may have contractual obligations to protect their clients’ or employees’ personal information. Whether listed on the Privacy Statement found on your website or stipulated in an employee’s contract, it is your responsibility to ensure that data held in the cloud is used as specified and not disclosed to third parties.
Finally, it’s critical that you do your due diligence and protect yourself. Make sure your contract addresses what happens in the case of an outage or security breach. If such an issue arises, most cloud providers will limit their liability to a fixed amount. Many will issue a service credit that is capped based on a percentage of fees paid during that year. If you can’t access your data or your company faces an expensive lawsuit due to a breach, you want to ensure that you’re not overly exposed.
But there is a silver lining: cloud migration isn’t all that scary when you have help. In fact, the benefits of Internet-based computing, much like the cloud itself, are boundless. eMazzanti Technologies has proven success providing cloud solutions that ensure confidentiality, security, and compliance.
Interested in moving over to the cloud? Contact us today.