• By:
• Dinsmore & Shohl LLP on 12/13/2010

• 
• Tweet

Two major legal and technological changes that have taken place in the past several years are now colliding. First, with the rise of social networking and other trends, governments at every level are passing tougher laws that protect the privacy and security of personal data. Second, the decreasing costs of computer storage and bandwidth make it feasible for the first time for businesses of all sizes to outsource storage of their customers’ personal and financial data to the “cloud.”

These two changes — a patchwork of new privacy and data security laws and the rapid rise of cloud computing — mean that businesses face different data storage risks. Businesses therefore should understand, both from a legal and technological perspective, how to use cloud computing safely to store personal data about their customers.

Some privacy and data security laws have been in place for years. For instance, HIPAA regulates the privacy and security of medical information, the Graham-Leach-Bliley Act controls how financial institutions must safeguard customer data, and the European Union’s privacy directives regulate how personal data of European citizens — now the customers of most any internet-based business — may be treated.

Quickly rising, however, is the number of states that require disclosure to their citizens when the security of an out-of-state business’s customer database is compromised. These instances — not limited simply to situations where a computer criminal has hacked into the database — are usually very expensive to remedy and create public relations disasters for consumer-facing businesses.

Please see full article below for more information.

DOCUMENT INFO

RELATED DOCUMENTS BY DINSMORE & SHOHL LLP