After years of debate and discussion, adoption rates and CIO opinion surveys confirm that Cloud is now widely accepted as the most significant mode of IT adoption going forward. One of the major points of appeal in adopting Cloud services is that customers are, in principle, freed from having to worry about the details of where their data is held and how it is managed.
Alas, while this is certainly true for the kinds of Cloud services we might consume as private citizens (such as Facebook, Twitter, or Gmail, for example), the same freedom from worry does not apply to enterprise or public sector organizations putting customer, patient, or company data into the Cloud. If you are a company utilizing cloud services, ignore European data residency, privacy, and protection regulations at your peril. Failing to establish a clear and consistent policy with your cloud service providers on how and where your sensitive data is managed could result in public embarrassment, reputational harm, and possible civil fines and penalties – or worse, criminal prosecution.