Shulou(Shulou.com)06/01 Report--

When purchasing cloud accounting effectiveness, there are nine ways to deal with your business and legal risks to ensure that you can successfully choose this new accounting method.

These suggestions were provided by Riaz Karamali, a law expert and partner of Shengzhi Law firm, at the Cloud Fair in San Francisco.

Mr. Karamali's first suggestion is that if click terms do not fully meet your needs, writing an original cloud contract to "elements of your business theory, compliance needs and expectations" is the best way to ensure that your needs are met.

Although cloud suppliers usually offer one-size-fits-all terms, be sure to do everything you can to mitigate your risk.

The following list is a list of nine tips to help you do this.

1. Function

Effectiveness level agreements usually include normal working hours, effectiveness availability, and even the accuracy and quality of delivery. Emergencies, usual protection and force majeure work such as God's actions are exceptions. The method of satisfaction usually includes a promise of validity. However, based on the effectiveness or data loss and its impact on your business, the theory of losing can be a better choice. Begging root cause analysis can help determine and prevent future violations. The right of termination needs to be included in the final compensation.

two。 Data security

The terms should take into account external violations, malicious insiders and human errors. Sometimes damage from a disgruntled employee can be worse than an external violation, which needs to be taken into account.

3. Data privacy

You should consider the nature of the data and where it is collected, stored and disposed of, relative to your specific needs and compliance needs. It is also important to know which laws and regulations control your data privacy and what the supplier's responsibilities are. Examples of laws that control data privacy include:

In the United States: electronic Communications Privacy Act (ECPA), Health Information Privacy (HIPAA) and High Tech Act, Financial effectiveness Modernization Act, FTC Act, situation data violation Notification Act.

In the European Union: EU data protection rules

4. Force majeure and disaster programme

Force majeure refers to "beyond the control of the working parties, such as natural disasters or wars, one party is unable to carry out the obligations stipulated in the contract". Force majeure can be used as an excuse for non-implementation of liability, so such terms should be carefully defined and disposed of in your cloud contract. Every cloud effectiveness supplier should have a disaster recovery plan as a temporary emergency plan in the event of foreseeable force majeure. But there are few "guarantees".

5. Interoperability

When buying from multiple cloud suppliers for the same effect, make sure your suppliers will be able to work together. Don't forget to cover up and abort the data transmission. In the absence of a common data standard, data transfer between clouds can be considered labor-intensive. It is most important to ensure reliability and even access to your data and clarify the responsibilities of you and your suppliers.

6. Liability and compensation

The bondage of responsibility will deal with the type and quantity of responsibility and negotiate to make an exception. Liability satisfaction needs to be specified, and the manufacturer should pay appropriate insurance for the interests of the customer.

7. Audit right

The terms of the contract should include audit evaluation billing order, security systems and lifetime compliance of agreements in the cloud. Suppliers usually supply effectiveness organizational Control (SOC) 2 under SSAE16 audit standards, Chen said. SOC 2 Chen said to assess the effectiveness of the supplier's control over system security, availability, disposal integrity, confidentiality and privacy. This is a good start, but negotiations are often appropriate for additional audit rights that allow clients or their representatives to carry out inspections.

8. Long-term problem

When choosing a cloud effectiveness supplier, consider its stability, availability of acquisitions, suspension of effectiveness, and any other transformations that will affect or end your effectiveness contacts.

9. Ownership of intellectual property rights

In the software-as-a-effectiveness (SaaS) model, the full ownership of intellectual property rights is clear, the supplier has the order of use, and you have your data, but in other types of cloud effectiveness, customization of the order of use and other contributions you make as a user in the solution need to be taken into account.

Mr Karamali concludes that it is almost impossible for a client to eliminate all risks or win all points in negotiations. At all established legal points, customers need to know and assess possible risks, and then make a pragmatic business choice.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.