Blog | Support | 日本語
CipherCloud for SalesForce CipherCloud for Office 365 CipherCloud for Box Demo CipherCloud for Gmail Demo CipherCloud for AnyApp Demo
CipherCloud for SalesForceCipherCloud for Gmail
Cloud Data Protection Solution | CipherCloud
  • Products
    Technologies
    Products
    • CipherCloud Platform
    • CipherCloud for Salesforce
    • CipherCloud for Chatter
    • CipherCloud for Box
    • CipherCloud for Office 365
    • CipherCloud for Gmail
    • CipherCloud Connect AnyApp
    • CipherCloud Database Gateway
    • CipherCloud for AWS
    • Cloud Encryption
    • Cloud Tokenization
    • Cloud Audit
    • Cloud Malware Protection
    • Cloud Data Loss Prevention
  • Solutions
    Industries
    Compliance
    • Data Residency
    • ITAR
    • PCI
    • UK Data Protection Act
    • Financial Services
    • Healthcare
  • Partners
    • Partner Overview
  • Customers
    • CipherCloud Customers
  • Learning Center
    • Breach Watch
    • Featured Content
    • Webinars
    • White Papers
    • Product Content
    • Case Studies
    • Videos
  • Company
    • About CipherCloud
    • Leadership
    • Board of Directors
    • Press Releases
    • In the News
    • Events
    • Advisors
    • Awards
    • Investors
    • Careers
    • Contact Us
Data Residency
ITAR
PCI
UK Data Protection Act
Financial Services
Healthcare

The UK Data Protection Act

In the UK, the Information Commissioner's Office (ICO), which has the ability to levy half a million pounds in fines for companies that contravene the Data Protection Act, has recently turned its attention to the cloud. In November 2012, it published guidance outlining the responsibilities for companies storing their customers' data in cloud environments.

The guidelines assign responsibility for data security unequivocally to the company that owns the data, rather than the company taking care of it. Any organisation with customer data processed by a cloud service provider that has a data breach may want to blame the third party, but the ICO has made it clear that the owner of the data is responsible.

The ICO offers data controllers several key pieces of advice to stay within the confines of the Data Protection Act. They must:

  • Consider which data to move to the cloud, and assess the risks.
  • Monitor the service provider's performance, and keep customers informed about their use of cloud services.
  • Ensure that data is protected using the technical and organisational measures necessary
  • Select the right cloud service provider, sealing agreements over security with a written contract.
Security Begins with Cloud Encryption & Key Management

Data controllers must ensure that their own systems are secure. In Paragraph 63 of its guidance, the ICO singles out encryption as a useful tool in protecting the personal data in the cloud, even when it is being processed by a third party. By clearly specifying the use of encryption to keep sensitive data private and safe, the ICO is helping businesses and governments address the demands of complying with the UK Data Protection Act. The ICO explicitly calls out its ability to levy fines and recent penalties as a clear warning that it will penalise organisations not meeting their data privacy responsibilities. CipherCloud's groundbreaking cloud encryption gateway is making it easy for UK and European organisations to meet their data privacy and regulatory obligations in the cloud.

Products

CiperCloud Gateway

CipherCloud for Salesforce.com

CipherCloud for Chatter

CipherCloud for Gmail

CipherCloud for Office 365

CipherCloud Connect AnyApp

CipherCloud Database Gateway

CipherCloud for Amazon Web Services

Technologies

Encryption

Tokenization

Malware Detection

Cloud Audit

Solutions

Data Residency

ITAR

PCI

Learning Center

Breach Watch

Featured Content

Understanding Cloud Security

Product Content

Case studies

Company

About CipherCloud

Awards

Customers

Partners

Press Releases

Careers

Contact Us

Follow Us
Share to FacebookLikedInShare to Twitter
Copyright 2013 CipherCloud, Inc.
Login