Consumer Tips Cloud Computing Privacy Tips World Privacy Forum Skip to Content Javascript must be enabled for the correct page display Home Connect With Us: twitter Vimeo email Main Navigation Hot Topics

Consumer Tips Cloud Computing Privacy Tips

February 23, 2009 By Robert Gellman and Pam Dixon

Tips for consumers

Read the Terms of Service before placing any information in the cloud. If you don’t understand the Terms of Service, consider using a different cloud provider. Don’t put anything in the cloud you would not want the government or a private litigant to see. Pay close attention if the cloud provider reserves rights to use, disclose, or make public your information. Read the privacy policy before placing your information in the cloud. If you don’t understand the policy, consider using a different provider. When you remove your data from the cloud provider, does the cloud provider still retain rights to your information? If so, consider whether that makes a difference to you. Will the cloud provider give advance notice of any change of terms in the terms of service or privacy policy?

Tips for business or government

Beware of “ad hoc” cloud computing. Any organization should have standardized rules in place telling employees when and if they may utilize cloud computing and for what data. Don’t put anything in the cloud you wouldn’t want a competitor, your government, or another government to see. Read the Terms of Service. Then read the Terms of Service again. Make sure that you are not violating any law or policy, by putting data in the cloud, and think twice before putting any consumer data in the cloud. Consult with your technical, security or corporate governance advisors about the advisability of putting data in the cloud. For More Information on Cloud Computing:
See World Privacy Forum’s report on Cloud Computing, Privacy in the Clouds: Risks to Privacy and Confidentiality from Cloud Computing . For updates to the report, these tips, and other documents related to the report, see the World Privacy Forum’s Cloud Privacy page at: . Posted February 23, 2009 in Blog Post, Cloud Computing, Consumer Tips, Uncategorized Next »Report Announcement: Privacy in the Clouds « PreviousWPF Resource Page: The National Health Information Network Page WPF updates and news CALENDAR EVENTS

WHO Constituency Meeting WPF co-chair

6 October 2022, Virtual

OECD Roundtable WPF expert member and participant Cross-Border Cooperation in the Enforcement of Laws Protecting Privacy

4 October 2022, Paris, France and virtual

OECD Committee on Digital and Economic Policy fall meeting WPF participant

27-28 September 2022, Paris, France and virtual more Recent TweetsWorld Privacy Forum@privacyforum·7 OctExecutive Order On Enhancing Safeguards For United States Signals Intelligence Activities The White House https://www.whitehouse.gov/briefing-room/presidential-actions/2022/10/07/executive-order-on-enhancing-safeguards-for-united-states-signals-intelligence-activities/Reply on Twitter 1578431679592427526Retweet on Twitter 1578431679592427526Like on Twitter 1578431679592427526TOP REPORTS National IDs Around the World — Interactive map About this Data Visualization: This interactive map displays the presence... Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974 This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process. COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.