data residency

Data residency refers to the physical or geographic location of an organization's data or information. Similar to data sovereignty, data residency also refers to the legal or regulatory requirements imposed on data based on the country or region in which it resides.

Download this free guide

Instant Download: Cloud skills that will get you hired

Thinking of making a change? Download "Cloud skills, trends, and technologies to know in 2018" to nail your next interview.

Start Download

• Corporate E-mail Address:

  You forgot to provide an Email Address.

  This email address doesn’t appear to be valid.

  This email address is already registered. Please login.

  You have exceeded the maximum character limit.

  Please provide a Corporate E-mail Address.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Cloud computing, which allows businesses to deliver hosted services over the Internet, can create data residency concerns. With cloud computing, users are often unaware of their data's physical location, as cloud providers store data globally across different data center locations. Therefore, users need to be aware of their data's local residency laws and regulations. To do this, users need to know where their cloud provider's data centers are located across the globe and research the different data residency policies for each respective location. Additionally, cloud users should try to ensure their service-level agreements (SLAs) with cloud providers establish where their data can and cannot be stored.

There are many government policies and regulations that deal specifically with data privacy and residency issues. The Health Insurance Portability and Accountability Act (HIPAA) is a data privacy and security law designed to protect medical information. Payment Card Industry Data Security Standard (PCI DSS) is a set of policies to secure credit and debit cardholder information. Outside of the United States, data residency and privacy regulations include Germany's Federal Data Protection Act and the United Kingdom's Data Protection Act.

To protect data from unwanted access regardless of its geographic location, organizations can use cloud data encryption tools. Cloud encryption services transform user data into ciphertext before it's stored in the cloud. Cloud encryption service vendors include CipherCloud, Vormetric and Perspecsys, among others.

In April 2015, the Object Management Group (OMG) created the Data Residency Working Group to study data residency issues, including how to control and document data within cloud computing environments.