Authors : Kishan Raj Bellala

Volume/Issue : Volume 10 - 2025, Issue 7 - July

Google Scholar : https://tinyurl.com/488pxsb6

Scribd : https://tinyurl.com/3vxypw9s

DOI : https://doi.org/10.38124/ijisrt/25jul1264

Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.

Note : Google Scholar may take 30 to 40 days to display the article.

Abstract : Organizations that move their operations to cloud-based infrastructure face rising concerns about data privacy and regulatory compliance because of their need for enhanced agility and scalability and cost efficiency. This research investigates the intricate process of protecting data privacy within cloud environments through an examination of GDPR and HIPAA and CCPA regulatory requirements. The three regulations establish separate requirements which organizations must follow when handling personal data throughout their entire lifecycle from collection to storage and processing and data transfer. The paper examines how cloud environments create difficulties for organizations to meet regulatory requirements through their impact on data residency and shared responsibility models and visibility into data flows. The paper presents organizations with the best practices and strategies to maintain privacy standards when using cloud services by implementing robust vendor management and data encryption and compliance monitoring. The paper provides forward- thinking perspectives to demonstrate why organizations must embed privacy and compliance fundamentals into their cloud strategies to establish trust and minimize risks and maintain regulatory compliance in the digital age.

Keywords : Data Privacy, Regulatory Compliance, GDPR, HIPAA, CCPA, Cloud Infrastructure, Data Residency, Shared Responsibility Model, Data Lifecycle, Personal Data Protection, Data Storage, Data Processing, Data Transfer, Vendor Management, Encryption, Compliance Monitoring, Privacy Strategies, Digital Trust, Risk Mitigation.

References :

1. Samant, P. S. (2024). Leveraging AI for enhanced compliance with global data protection regulations in cloud computing environments. International Research Journal of Modernization in Engineering Technology and Science, 6(4). DOI: 10.56726/IRJMETS53514.
2. Fayayola, O., Olorunfemi, O., & Shoetan, P. (2024). DATA PRIVACY AND SECURITY IN IT: A REVIEW OF TECHNIQUES AND CHALLENGES. Computer Science & IT Research Journal, 5(3), 606–615. https://doi.org/10.51594/csitrj.v5i3.909
3. Maddali, R. (2024). AI-Powered Data Security Frameworks for Regulatory Compliance (GDPR, CCPA, HIPAA). International Journal of Engineering Technology Research & Management, Volume 08, Issue 04, ISSN: 2456-9348.
4. Pearson, S., & Benameur, A. (2010). Privacy, security and trust issues arising from cloud computing. In 2010 IEEE Second International Conference on Cloud Computing Technology and Science (pp. 693–702). IEEE.
5. Kshetri, N. (2013). Privacy and security issues in cloud computing: The role of institutions and institutional evolution. Telecommunications Policy, 37(4–5), 372–386.
6. Rathnam, L. (2024, April 2). GDPR – the challenges and the opportunity. Planet Compliance. https://www.planetcompliance.com/gdpr/gdpr-challenges-opportunity.
7. Thoom, S. R. (2025). Advances in data and AI governance: Navigating privacy, compliance, and trust. International Journal of Computer Engineering and Technology (IJCET), 16(1), 542-555.
8. Yusuff, M. (2023). Ensuring compliance with GDPR, CCPA, and other data protection regulations: Challenges and best practices. International Journal of Data Protection & Privacy Research.
9. Kanungo, S. (2024). Data privacy and compliance issues in cloud computing: Legal and regulatory perspectives. International Journal of Intelligent Systems and Applications in Engineering, 12(21s), 1721–1734.
10. Fakeyede, O. G., Okeleke, P. A., Hassan, A. O., Iwuanyanwu, U., Adaramodu, O. R., & Oyewole, O. (2023). Navigating data privacy through IT audits: GDPR, CCPA, and beyond. International Journal of Research in Engineering and Science, 11(11), 184-192.
11. Alzoubi, Y. I., Mishra, A., & Topcu, A. E. (2024). Research trends in deep learning and machine learning for cloud computing security. Artificial Intelligence Review, 57(5). https://doi.org/10.1007/s10462-024-10776-5.
12. Gonzalez Torres, A. P., & Sawhney, N. (2023). Role of Regulatory Sandboxes and ML Ops for AI-Enabled Public Sector Services. The Review of Socio-network Strategies, 17(2), 297–318. https://doi.org/10.1007/s12626-023-00146-y.
13. Banerjee, S. (2024). Intelligent Cloud Systems: AI-Driven Enhancements in Scalability and Predictive Resource Management. International Journal of Advanced Research in Science, Communication and Technology, 266–276. https://doi.org/10.48175/ijarsct-22840.
14. Dada, M., Daraojimba, O., Majemite, M., Nwokediegwu, Z., Obaigbena, A., & Oliha, J. (2024). Review of smart water management: IoT and AI in water and wastewater treatment. World Journal of Advanced Research and Reviews, 21(1), 1373–1382. https://doi.org/10.30574/wjarr.2024.21.1.0171.
15. Gholami, A., & Laure, E. (2015). Security and Privacy of Sensitive Data in Cloud Computing: A Survey of Recent Developments. 131–150. https://doi.org/10.5121/csit.2015.51611.
16. Singh, N. (2023a). AI and IoT: A Future Perspective on Inventory Management. International Journal for Research in Applied Science and Engineering Technology, 11(11), 2753–2757. https://doi.org/10.22214/ijraset.2023.57200.
17. Mohan, J., Wasserman, M., & Chidambaram, V. (2019). Analyzing GDPR Compliance Through the Lens of Privacy Policy (Vol. 11721, pp. 82–95). springer. https://doi.org/10.1007/978-3-030-33752-0_6
18. Singh, N., Do, Y., Yu, Y., Fouad, I., Kim, H., & Kim, J. (2024). Crumbled Cookies: Exploring E-commerce Websites? Cookie Policies with Data Protection Regulations. ACM Transactions on the Web. https://doi.org/10.1145/3708515
19. Harding, E. (Liz), Hannah Ji, L., Vanto, J. J., Ainsworth, S. C., & Clark, R. (2019). Understanding the scope and impact of the California Consumer Privacy Act of 2018. Journal of Data Protection & Privacy, 2(3), 234. https://doi.org/10.69554/tcfn5165
20. Bakare, S., Eneh, N., Adeniyi, A., & Akpuokwe, C. (2024). DATA PRIVACY LAWS AND COMPLIANCE: A COMPARATIVE REVIEW OF THE EU GDPR AND USA REGULATIONS. Computer Science & IT Research Journal, 5(3), 528–543. https://doi.org/10.51594/csitrj.v5i3.859
21. Ehimuan, B., Akagha, O., Oguejiofor, B., Reis, O., & Ob, O. (2024). Global data privacy laws: A critical review of technology’s impact on user rights. World Journal of Advanced Research and Reviews, 21(2), 1058–1070. https://doi.org/10.30574/wjarr.2024.21.2.0369
22. Shah, W. F. (2023). Preserving Privacy and Security: A Comparative Study of Health Data Regulations - GDPR vs. HIPAA. International Journal for Research in Applied Science and Engineering Technology, 11(8), 2189–2199. https://doi.org/10.22214/ijraset.2023.55551.
23. Nosowsky, R., & Giordano, T. J. (2006). The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule: Implications for Clinical Research. Annual Review of Medicine, 57(1), 575–590.https://doi.org/10.1146/annurev.med.57.121304.131257.