Cloud computing and the opportunities that come with it have quickly swept through the business world, and most organisations wouldn’t be blamed if they weren’t quite sure where the path leads. Although the concept of offshore data storage is anything but new, its recent proliferation has meant that an understanding of the laws and regulations involved may be further behind than anyone wants to admit. A recent whitepaper by UNSW, Aon, NEXTDC and Baker & McKenzie demonstrates the importance of understanding the laws that surround cloud data and the risks involved. NEXTDC found 88% of organisations experience at least one data breach each year, with between 36% and 62% stating the breaches involved a mistake by outsourcers, cloud providers, and other third parties. HR systems are being overhauled with cloud software, and data security is no longer just an IT responsibility in an organization. Of greatest importance is the understanding that the jurisdiction the data is stored in defines what laws apply to it. As such, understanding of privacy laws where data is stored is paramount to effectively reducing risk of data breaches.