According to them, cloud services are to be favored because they are better at:
“updating, maintaining, patching and securing their infrastructure “, and have
“lower IT costs and the ability to develop, test and deploy services quickly without large capital expense “
“You may need to recruit the right capability to deliver and manage cloud services if your organisation has no prior experience of running this type of service.”
Many Qualys customers that I’ve spoken to report that auditing Cloud infrastructure requires specialized skills. Finding people with these skills is hard, they observe. Hiring and keeping such rare staff is even harder.
“As an organisation, you retain Data Controller responsibility.”
The NHS Digital may be giving the NHS and social care organisations the green light for storing sensitive data in cloud, but they didn’t write a blank check. They also remind the organizations that they remain accountable – GDPR still applies!