SaaS Agreements – Hosting – Encryption of Stored Data

Under the Data Protection Act (DPA), SaaS customers are required to take “appropriate technical and organisational measures” to prevent the unauthorised or unlawful processing of personal data and accidental loss or destruction of, or damage to, personal data. SaaS providers who process personal data on behalf of SaaS customers are required to include such obligations in their SaaS agreement (or SLA).

Continue reading