SSP, a leading global provider of insurance technology, has welcomed the timely publication of cloud computing guidance by the Information Commissioner’s Office (ICO).
The guidance addresses concerns that many businesses are unaware that their legal obligations under the Data Protection Act apply even when their data is stored and processed using a cloud service.
The ICO advises that businesses using the cloud question the provider on how they store the data, that agreement is reached between the two parties over how the data is stored and that businesses use a cloud service that is specifically designed for purpose.
Duncan MacMillan, group operations director at SSP, said: “The cloud is becoming mainstream and many brokers and insurers will be using cloud services, possibly even unknowingly.
“However companies still have to comply with data protection legislation to ensure that their customers’ personal data is held safely and securely. There are substantial reputational and legal risks if customer data is lost or misused, and brokers and insurers still need to know where their data is, and how it is handled and secured.”
In February, SSP launched its own private cloud, SSP Cloud, which addresses these concerns directly by ensuring that data is always stored in secure systems, in secure UK datacentres which are regularly audited and backed up by contractual commitments.
Mr MacMillan added: “SSP takes data security very seriously and welcomes any guidance that increases awareness, particularly among SMEs that may not otherwise have the resources to interpret the legislation directly.
"The way the use of the cloud has increased recently makes this guidance very timely and welcome. Every business owner and IT manager should take note of the advice issued by the ICO and check that their data is held safely and securely. This is particularly true if they outsource any of their IT provision. They need to talk to their supplier and confirm that they comply with this guidance."