Corporate Compliance Insights

Compliance in the Cloud: Best Practices for Building Trust

by Mike Mason
May 23, 2018
in Compliance, Featured
Data Privacy Becomes King

Cloud security and compliance laws surrounding personal information will continue to proliferate as governments attempt to protect their citizens’ private data. With a heightened consumer awareness of the need for data privacy, any violation of trust will damage an organization. Follow these recommendations to avoid fines, business interruption and loss of that all-important and increasingly rare commodity: consumer trust.

IT budgets are migrating to the cloud as organizations jump at the chance for greater efficiencies and economies of scale. But this means that masses of sensitive data are migrating as well, necessitating strong security so that heavily regulated industries like finance and healthcare remain compliant.

As cybersecurity regulation increases, compliance professionals struggle to manage and report across a wide array of legacy software services that are complicated, opaque and not designed to be configured for privacy and compliance.

Acknowledging Compliance in the Cloud

Mounting Regulation

In addition to the existing regulations of FINRA, HIPAA, PCI, FFIEC, NY State Cybersecurity Rule and FCA, organizations continue to face a mounting list of compliance regulations.

In the U.S., states aren’t waiting for the federal government to enact new legislation. The Maryland Personal Information Protection Act was amended to expand the definition of personal information and provide a 45-day time frame for notice of a breach. The state of Delaware passed a new law that requires businesses to alert state residents affected by a data breach within 60 days of the occurrence, and to notify the state attorney general if more than 500 residents are affected.

And, of course, the mother of all privacy laws, the European Union’s General Data Protection Regulation (GDPR), goes into effect on May 25, 2018. It affects the way organizations collect, store and use EU citizen data. Under GDPR, fines can equal four percent of annual turnover or 20 million euros.

Asking the Right Questions

Your business-critical functions are likely already being run by a network of cloud-based applications. So, when choosing a cloud application, it’s important to select one that will aid in cloud compliance and improve your security posture, not create more risk.

Security and compliance vulnerabilities can occur if cloud applications are added to your network before being properly vetted. If the applications don’t integrate, you may need to achieve compliance for each application separately.

When considering cloud applications, make it a priority to ask about integration. Ask compliance-related questions like:

  • How long am I required to store my data?
  • Where does my data reside?
  • Who has access to my data?
  • Is my data organized to aid in e-discovery?
  • Are my cloud applications secure?

Your Cloud Compliance Program

Because the regulatory environment is so complex, organizations have a hard time integrating their compliance programs with their security goals. But with a few considerations, you can better align your security and compliance goals.

  • What is required of my organization? These requirements can be mandated by specific regulations, which can be based on your jurisdiction, your industry or the activities that you employ to conduct business.
  • Regular compliance risk assessments are a must. Conducting regular risk assessments contributes to the foundation of a strong compliance program. Regulatory risks change, which calls for the risk assessment process to be updated and revised regularly.
  • Carefully monitor your compliance program. Be proactive; don’t wait until you are in the midst of a crisis to conduct your own audit. Understand your gaps and how to continue improving your compliance posture ahead of problems.

Avoiding fines for non-compliance is a great outcome, but better still is a focus on compliance that continues to help your organization increase customer trust and loyalty to your brand.

Compliance Builds Trust

Cloud security and compliance laws surrounding personal information will continue to proliferate as governments attempt to protect their citizens’ private data. With a heightened consumer awareness of the need for data privacy, any violation of trust will damage an organization. Cloud technology providers are working to provide stronger security measures, which will help organizations fortify their compliance posture. Use the recommendations above to avoid fines, business interruption and loss of that all-important and increasingly rare commodity: consumer trust.


Tags: Cloud Compliance
Mike Mason

Mike Mason is the senior product marketing manager at FairWarning. Mike has oversight and financial responsibility over nearly every aspect of FairWarning’s marketplace communications and education efforts. Mike’s efforts are directed at telling the company’s story and its customer stories from an authentic point of view. Mr. Mason was previously a product manager for Rakuten MediaForge.
