Within the last year we have seen a rush of companies moving to store their corporate data in the cloud. While cloud computing promises easier data management, scalability and the potential for lower costs, organizations need to ensure that the cloud technology solution they select can also meet their information governance requirements. Here are some areas to consider:

1. Data Security: Companies should ask how data security and encryption are handled. There are specific compliance requirements governing the secure storage of sensitive information, including PII, PHI, PCI. While security is often the top concern for clouds, I believe that most major providers offer data security as good or better than that provided within most corporations' internal systems. Still, make sure you review the cloud service provider's security program. Also look at the level of access control—who can see whose data?

2. European Data Privacy: European Union privacy laws (especially in Germany) make it a risk to store data about its citizens outside of their geographic borders. (By the way, this is really a jobs protection issue.) You may have a requirement to segregate and store EU data in-country in clouds based within those countries.