The benefits and risks of using cloud services to store corporate data have been debated for years, and many organisations have taken a firm stance against their use.
GCs have mixed feelings about cloud services – particularly if third-parties, including law firms, are using them on their organisation’s behalf. However, while GCs may be keeping a strict eye on how well their own companies store and handle data, their awareness of the systems used by the organisations they outsource to and trust with their own corporate information may not be so high. However, this looks likely to change, in part due to guidance published in 2013 by the Solicitor’s Regulation Authority (SRA), which aimed to address the “lack of due diligence over outsourcing arrangements” and reminded firms of their duty when using the cloud to “keep client information confidential”, with particular reference to Outcome 7.10 of the SRA Code of Conduct.
