50,000 employees information were leaked from Amazon’s S3 cloud server. If this happened to your cloud provider, who is liable for the consequences and how does a cyber policy react? In the United States, the business (agency/data owner), who has licensed the information to the vendor (cloud computing provider), is responsible for notifying each impacted individual by their domiciled state laws. It is also cloud computing industry practice to contractually deny any liability for lost data.
For proof, I’ve listed California’s civil code (cal. civ. code ยง 1798.29) specifying vendor / data owner responsibilities and Amazon Web Services (AWS) terms of service.
Evolve MGA’s cyber policy, EVO 3.0, covers policyholders in the event their cloud data is hacked, lost, or stolen.
Amazon’ Cloud Data Breach: https://lnkd.in/gwjxCn8
AWS’s ToS: https://lnkd.in/g53V_Y4
CA Legal Code: https://lnkd.in/g6E9neU
US State Data Breach Laws: https://lnkd.in/g-KT5Kc[/vc_column_text][/vc_column][/vc_row]