The Sm@rtEdgeLaw Group

- "Smart companies need a Sm@rtEdge" TM

Category: Cloud Computing

Fairfield County Business Journal Profiles SmartEdgeLaw Group

We’re proud to be featured in the Fairfield County Business Journal. Our practice is tech-focused, reality-driven and above all embrace that legal is here to deliver solutions and recommendations not road blocks. Our firm works throughout CT and NYC and is constantly developing new approaches to meet your legal needs. Westport attorney takes a legal […]

New Cloud Computing Guidance From Health & Human Services’ OCR

The digital world has migrated to the Cloud, on both personal and business levels.  But for “covered entities” and “business associates” subject to the Health Insurance Portability and Accountability Act regime, better known by the moniker of “HIPAA”, many CE and BA’s must often determine how (and whether) they can take advantage of cloud computing while […]

1+ Billion Records Exposed So Far in 2016

With Labor Day over and summer now fading into memory, it’s the perfect time to take a fresh look at your data and information security, privacy and compliance postures. And to review fresh lessons from what 2016 has served up as to data breaches and incidents in the first six months. Background Earlier this year, […]

Ready to Revisit Your Cloud Contracts? FedRAMP is Ramping Up With Three Public Webinars

Those who follow cloud computing on the federal level know the Federal Risk and Authorization Management Program (“FedRAMP”) is tasked with developing a “government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.”  We expect FedRAMP to have a broader ripple effect for corporate cloud contracting, […]

Procurement Takeaways of the Intersection of Cloud Computing and Mobility

The National Institute of Standards and Technology (“NIST”) held a two and a half day workshop last week, March 25-27, entitled The Intersection of Cloud and Mobility, to brainstorm on the issues, problems and realities of a world where “low-end mobile devices access diverse and scalable cloud computing resources and globally connected mobile enabled resources […]

What the Walking Dead Can Teach Us About Vendor Agreements

As fans of the AMC hit series, The Walking Dead, last night’s mid-season premiere drove home that the show is fundamentally an examination of basic morality. And contract law. And the vital importance of “vetting” third-party contractors. Think we’re stretching things?  Read on… for what the Walking Dead teaches about your vendor agreements and dealing […]

NIST Releases Cloud Computing “Security Reference Architecture” (SP 500-299) for Public Comment

The National Institute of Standards and Technology (“NIST”) loves its “Special Publications” the way IRS agents love new tax forms. NIST’s SP’s, however, are much more useful, and its latest Special Publication release in draft form for public comment, SP 500-299 “Cloud Computing Security Reference Architecture” introduces NIST’s Cloud Computing Security Reference Architecture (“SRA”) as […]

Ponemon Study on Patient Privacy Highlights Security Failings

Released today, the Ponemon Institute‘s Third Annual Benchmark Study on Patient Privacy & Data Security (available at, http://www2.idexpertscorp.com/ponemon2012/) starkly highlights the continued serious challenges faced by healthcare organizations in adequately safeguarding protected health information (“PHI”). As the study notes straight out of the gate “the threats to healthcare organizations have become increasingly more difficult to […]

NIST Releases Public Draft SP800-53 Addressing Cybersecurity Threats & Privacy Controls

Yesterday the National Institute of Standards and Technology (NIST) released the 4th iteration of what will ultimately be a mainstay document for federal agencies required to comply with provisions of the Federal Information Security Management Act (FISMA) and FIPS 200. As a result it should have a significant affect on federal cloud security practices that […]

NIST Issues Finalized Guidelines for Managing Security & Privacy in Public Cloud Computing

Say what you will about the federal government, the Nat’l Institute of Standards & Technology (“NIST“), part of the Department of Commerce, has certainly been busy over the past year releasing numerous special drafts and reports addressing cloud computing recommendations, security and issues. [Full disclosure: I’m a member of several NIST working groups, including one currently working […]

Cloud Security, Data Breaches and the CFAA

Attorney Rich Santalesa provided commentary for a Business Insurance article titled, “Managing Cloud Computing Security Requires Planning” available at  http://www.businessinsurance.com/article/20120115/NEWS07/301159998#full_story. And Santalesa comments again in an Information Week article dealing with a CFAA-related sentencing:  “Patient Data Theft Sends IT Specialist To Jail” available at http://www.informationweek.com/news/healthcare/security-privacy/232400459

Contracting for Cloud Computing Services

The Knowledge Group/The Knowledge Congress Live Webcast Series, a leading producer of regulatory focused webcasts, has announced that attorney, Richard Santalesa, will be speaking at the Knowledge Congress’ webcast entitled: “Contracting for Cloud Computing Services: What You Need to Know” scheduled for February 14, 2012 from 12:00 PM to 2:00 PM ET. For more details […]

NIST Releases New DRAFT Cloud Computing Synopsis

The National Institute of Standards and Technology (NIST) recently released a new cloud computing draft special publication for public review and comment (see associated press release), which NIST is billing as “its most complete guide to cloud computing to date.”  Public comments to NIST on the 84-page P 800-146  DRAFT Cloud Computing Synopsis and Recommendations (PDF 1.9MB) […]

© 2014-2022 Sm@rtEdge LLC. All Rights Reserved. Attorney advertising. Prior results do not guarantee a similar outcome. Site Map Privacy Policy Frontier Theme