
The July 15 edition of SD Times will feature a comprehensive report about what companies in regulated industries need to understand about cloud computing, who can help, and what questions to ask cloud providers. Some of the topics that I wrote about include data compliance, privacy, and risk assessments. All things considered, it requires a lot of expertise to migrate sensitive application data to the cloud, and companies need help.
We slugged the story "Cloud Helpers" while I was writing it, because regulated organizations need help from compliance experts and legal counsel. There is a business opportunity for people who are experts in regulatory matters to advise companies about the cloud. Regulation is far from being uniform.
For instance, in the U.S., HIPAA established a framework for liability, whereas PCI (for credit card payment processing) is somewhat superficial. Some data cannot leave the UK and France, and regulations among EU countries have a tangle of conflicting requirements.
Privacy is another matter altogether and should be a very serious concern. At some point, there will be greater application portability in the cloud. Companies may write business processes around finding the lowest-cost provider, migrating their applications as the need arises.
What happens when application data moves into a country that has poor privacy laws? What is the risk? That is where cloud helpers come in. Compliance experts also know about what to ask for in contracts, and what documentation should be given by the provider about its infrastructure, processes and personnel. They could also mediate SLA disputes.
A cloud provider could step up and become a leader in managing compliance and risk. Even still, consultants and lawyers are going to make a windfall from the cloud.