Upload File

cloud service provider contracts: a checklist for records … · 2016. 6. 8. · • integrated...

  • Home
  • Documents
  • Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist
18
Cloud Service Provider Contracts: A Checklist for Records Professionals Corinne Rogers University of Bri1sh Columbia Marie Demoulin, Jessica Bushey, Elissa How, Robert McClelland InterPARES Trust Interna1onal Symposium Marburg, Germany June 8, 2016

Upload: others

Post on 18-Jan-2021

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

CloudServiceProviderContracts:AChecklistforRecordsProfessionals

CorinneRogers

UniversityofBri1shColumbia

MarieDemoulin,JessicaBushey,ElissaHow,RobertMcClelland

InterPARESTrustInterna1onalSymposiumMarburg,Germany

June8,2016

Page 2: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Researchteam

•  Researcher&ProjectLead– Dr.MarieDemoulin,UniversitédeMontreal

•  GraduateResearchAssistants–  JessicaBushey,UBC– ElissaHow,UBC

•  IndependentResearcher– RobertMcLelland,DeltaMuseum&Archives

Page 3: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Access

Security

Infra-structure

Control

Legal

Policy

SocialIssues

Resources

Terminology

Educa>on

Page 4: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Purpose&Researchques1on

•  Toexplorethecontract–specificallythecontractbetweenaclientandacloudserviceprovider–asatoolforbuildingtrust

•  Howeffec1velydocloudservicecontractsmeettheneedsofrecordsmanagers,archivists,andinforma1ongovernanceprofessionals?

Page 5: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Firststep:ReviewtheLiterature•  Currentresearch(2011-2014)

Findings:–  Severallegaldocumentsexist

•  TermsofService•  ServiceLevelAgreements•  PrivacyPolicies•  AcceptableUsePolicies

–  Li^lestandardiza1onofterms–  “Obenincomprehensibletomajorityofusers”– Wide-rangingexclusionsofliabilityfavortheproviders–  Termsmaychange

Page 6: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Firststep:ReviewtheLiterature

•  CaseLawandRelatedAr1clesFindings:– Rela1velyfewcases,butseverallegaltenets– Complexityresultsfromjurisdic1onalandindustrydifferences•  Contractlaw•  Privacyandaccess•  Confiden1alityandsecurityofdata•  Datajurisdic1onandconflictoflaws

Page 7: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Firststep:ReviewtheLiterature

•  RecordkeepingStandards,CloudCompu1ngContractStandards,andrelatedar1cles–  ISO15489(2001)–  ISO14721(2012)– ARMAGARP(2013)– MoReq(2009)

Page 8: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Firststep:ReviewtheLiterature

•  RecordkeepingStandards,CloudCompu1ngContractStandards,andrelatedar1cles– CloudServiceLevelAgreementStandardiza1onGuidelines(2014)

– PublicRecordsOfficeofVictoria(2012)

Page 9: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Compara1veAnalysis

•  Regardlessofjurisdic1on,sector,orprofession,commonrisksexist:– Unauthorizedaccess– Privacybreach– Lossofaccess,control– Lackoftransparencyofservice– Lackofabilitytonego1ateservice– Loca1onambiguity– Contractambiguity

Page 10: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

SpecificConsidera1ons

•  Dataownership•  Availability,retrievalanduse•  Datastorageandpreserva1on•  Datareten1onanddisposi1on•  Security,confiden1ality,privacy•  Dataloca1onandcross-borderdataflow•  Endofservice;contracttermina1on

Page 11: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Selectedcontracts

•  Nomarke1ngmaterial•  Boilerplatecontracts&documents– TermsofService(ToS)– ServiceLevelAgreements(SLA)– Privacypolicies,AcceptableUsepolicies,Securityterms,

•  Jurisdic1on– Canada,UnitedStates,Europe

Page 12: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Contractsconsidered•  Amazon.com(USA)•  Bluelock(USA)•  Dropbox(USA)•  Egnyte(USA)•  GoGrid(USA)•  Google(USA)•  ProfitBricks(USA)•  Rackspace(USA)•  CityNetwork(Sweden)•  SAP(Belgium)•  PathwayCommunica1ons(Canada)

Page 13: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

TheChecklist

Page 14: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

TheChecklist-sec1ons

•  Agreement•  DataOwnershipandUse•  Availability,Retrieval,andUse•  DataStorageandPreserva1on•  DataReten1onandDisposi1on•  Security,Confiden1ality,andPrivacy•  DataLocaliza1onandCross-borderDataFlows•  EndofService;ContractTermina1on

Page 15: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Integra1on&Review

•  IntegratedwithNA03:StandardsofPrac1ce•  IntegratedwithNA06:Reten1on&Disposi1onchecklist

•  Releasedforfeedbackinfall2015•  TestedinInterna1onalFedera1onofRedCrossandRedCrescentSocie1es

•  PresentedatICAinRekjavik,Iceland–ve^edinaninterna1onalspace–posteronICAwebsite

Page 16: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Resources

•  CloudServiceContracts:AnIssueofTrust,CanadianJournalofLibraryandInforma2onScience(CJLIS):SpecialIssueonData,RecordsandArchivesintheCloud,June2015

•  h^ps://interparestrust.org/Dissemina1on– Annotatedbibliography– Checklist– FinalReport

Page 17: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Con1nuingac1vi1es

•  ChecklistbeingtranslatedintoSpanish•  Reportbeingfinalized

Page 18: Cloud Service Provider Contracts: A Checklist for Records … · 2016. 6. 8. · • Integrated with NA03: Standards of Prac1ce • Integrated with NA06: Reten1on & Disposi1on checklist

Thankyou!

www.interparestrust.org


MIL THRU 2019 MILFORD CEMETERY CEM LOT LAST NAME … · 2020. 11. 9. · MIL NA03-03/7 Beaton Sheryl Jean (Clark) 8/4 1947 1/7 1998 MIL S18-02/3 Beck Arvada Ruth 4/4 1911 1/14 2002

Zubro DNP ePoster Presentation FINAL 8.14.14dnpconferenceaudio.s3.amazonaws.com/2014/1PosterPresentations… · Chronic(Care(and(Concierge:(An(Innova1ve(Business(Model(for(Independent(APN(Prac1ce(John

06 wo na03 e1_1 umts access control-113

CSC 5991 Cyber Security Prac1ce - Wayne State University · Why Study Security? It’s cool to be a hacker It’s a hot topic and media talk about it It’s useful for finding a

Chronic Care Management in Practice - SULM · 2013. 10. 23. · “Chronic)Care)Management)in)Prac1ce“) Ausgangslage) • Die)ZukunL)ist„chronisch“) – Demographie) – Medizinischer)Fortschri;)

1 INF-T16 BaseStok-NA03 - Infineum Insight · volume that is lost to Group 3 in the higher tier motor oils. Brent Lok: I think ... comparable to Group 3 and 4 base oils, and ... 1

CSC#5991#Cyber#Security#Prac1ce# Team#Projects# · – the#1tle#of#the#paper#or#project# – team#member#names#and#email#addresses## – course#name,#number,#and#instructor's#name##

Honey-pot constrained searching with local sensory …hespanha/published/NA06-final.pdfHoney-pot constrained searching with local sensory ... using an autonomous robot which is only

SOLE Poster 2011-1 - WordPress.com · TheStudentOwnedLearningEngagement(SOLE)model$ Learning(Design(Theory(Learning(Design(Prac1ce(Simon(Atkinson(hp://solemodel.wordpress.com((((Contexts

CSC 5991 Cyber Security Prac1ce - fengweiz.github.io · Course Overview • Providing hands-on experience in playing with security so]ware and network systems in a live laboratory

Nissho X T T-POlN%Ëtm. 11 Nissho O Nissho AMtO:OO- PMS: oo ... · AMtO:OO- PMS: oo FOI,OOOB! na03,OOOB! .srv'yz OPENfi Nissho 47,300B *480B 150 1.8*- ää03* 01 200 24,oooptE 54

Curriculum(2020,(General(Prac1ce( and(Community(Medicine( · Curriculum(2020,(General(Prac1ce(and(Community(Medicine(Dr(Chris(Holland(10thJune2015 KUMEC(Annual(Conference(Curriculum

NA06 20150602 RetentionDispositionClouds LiteratureReview v1 · 6/2/2015  · ! 6! Ion et al. cite that the expectation of privacy is not typically written into cloud provider service

Honey-pot constrained searching with local sensory informationhespanha/published/NA06-final.pdf · 2020-05-18 · 1774 B. DasGupta et al. / Nonlinear Analysis 65 (2006) 1773–1793

2018 MEDIA KITfiles.nailsmag.com/site/NA06-0936mediakit-2018fnlLR.pdf · best nail artists in the world EMAIL ... best practices, and com-Interview 67 Ways to Fill Your Chair

Kerstin Sonnabend – Michael Hass N-NA06: Nuclear Astrophysics Open questions and issues in nuclear astrophysics Kerstin Sonnabend Darmstadt, Germany Presented

(2) (CH2)5CH3 CH3CH2CH3 CH—CHz— 803 3 45 —CH3 S03Na (3 ... · (2) (CH2)5CH3 CH3CH2CH3 CH—CHz— 803 3 45 —CH3 S03Na (3) Na03 15 45 10 30 5} ) 1 22, Kb ì+ Kho 0.250 , 8mg/L