Kentucky Governor Steve Beshear signed H.R. 232 on April 10, 2014, making the Commonwealth the 47th state to enact a data breach notification law. “The law also limits how cloud service providers can use student data. A breach notification law in New Mexico may follow shortly.”

These types of laws are beginning to show up because state taxpayers are getting nervous about the expanding use of cloud computing for state-run organizations, such as schools.  These laws insure that data will be handled in a certain way, much like the regulations in the health and finance communities.

While there are more security and compliance issues to consider, the emergence of these laws encourages the secure use of cloud-based resources.  The states are saying that it’s okay to use cloud computing, but please do so with regard for security and privacy of our citizens.

While Kentucky is an early cloud lawmaker, other states will surely come up with laws as well.  Those variations will make it a bit more difficult for cloud providers to adjust offerings by state, but, again, this is a clear indication that state governments will be moving rapidly to the cloud.