Navigating Through the Cloud – Legal and Regulatory Management for Software as a Service

27 Pages Posted: 18 Mar 2012

See all articles by Jon Garon

Jon Garon

Shepard Broad College of Law

Date Written: October 11, 2011


Cloud computing has moved from a possible method of efficient data management to the industry standard for content management in many sectors. In response, new legal and regulatory standards for data privacy, security, and reliability are evolving to create a moving target for business, affecting all industries with data stored on remote servers. Managing these challenges requires both vendors and customers to utilize comprehensive contracts and effective compliance efforts, particularly for international transactions and transactions involving health care, financial services or other regulated industries. This review provides a roadmap to the practice of cloud computing and highlights the regulatory framework under which companies can take advantage of its efficiencies. It will also explore some of the contractual approach available to manage risk, achieve regulatory compliance, and better align the interests of the vendors and their customers.

Keywords: Cloud Computing, computers, technology, law, compliance, SOC3, SSAE 16, Audit Requirements, PCI Credit Card Compliance, Data Security, Data Privacy, HIPAA, GLB Act

JEL Classification: C8, C80, C88, L63, L86, K00, K39, O14, O3, O30, O34, O38

Suggested Citation

Garon, Jon M., Navigating Through the Cloud – Legal and Regulatory Management for Software as a Service (October 11, 2011). Available at SSRN: or

Jon M. Garon (Contact Author)

Shepard Broad College of Law ( email )

3301 College Avenue
Ft. Lauderdale, FL 33314
United States

Here is the Coronavirus
related research on SSRN

Paper statistics

Abstract Views
PlumX Metrics