Privacy and Security in the Cloud
The transition to the cloud across industries raises numerous security concerns. Chiefly, federal and state privacy and security requirements affect cloud-based platforms and resources. Under the new regulations affecting the health care industry, cloud service providers that maintain PHI are considered business associates and are directly subject to privacy and security requirements. All companies using cloud-based resources need to know how to navigate regulatory uncertainties as they relate to shared compliance responsibility models and supply chain risks.
EBG’s approach seeks to reduce the risk of a data breach and government enforcement actions that could result in stiff fines, protracted corrective action periods, and possible class action litigation. Our services include:
- Managing the cloud environment for clients on various platforms, including Amazon Web Services, Google, Docker, Oracle, Azure, and Office 365, among others.
- Preparing business associate, vendor, and service provider agreements.
- Helping companies evaluate the privacy and security risks associated with cloud solutions.
- Coordinating with clients to mitigate privacy and security risks.
- Preparing documentary evidence in support of compliance.
- Defending clients in the context of a data breach, government investigation, and class action litigation.