Cloud Computing Standards
Major data protection laws and regulations on cloud computing around the world advocate implementation of reasonable / appropriate / necessary / minimum security practices / procedures / measures / controls. But the way ‘reasonability’ is addressed varies with each regulation / country.
Internationally, the guidance and direction with respect to ‘reasonability / appropriateness / necessary’ of security measures / safeguards is provided by either:
- The law itself (Germany – Federal Data Protection Act, US – Massachusetts Privacy Law)
- The statutory authorities enacted by the law (UK - Information Commissioner’s Office, Australia -Office of Privacy Commissioner)
- Provisions in the law for formulation of guidelines (Japan – Act on the Protection of Personal Information, Japan)