wordpress blog stats
Connect with us

Hi, what are you looking for?

Govt data stored in cloud networks should be located in India: MEITY

All government related data from state and central departments residing in cloud storage networks should be located servers in India and not in foreign countries, the Ministry of Electronics & Information Technology (MEITY) said in its latest set of guidelines. These guidelines must be followed by cloud service providers, every time they sign a contract with a government entity for data storage.

The new guidelines specify that any company looking to offer cloud services to government entities will first need to go through rigorous Standardisation Testing and Quality Certification (STQC) which is issued by the MEITY itself.  STQC testing for cloud storage companies specifies certain benchmarks, standard encryptions techniques etc. to ensure that sensitive data being stored on the cloud is safe.  As of now,

As of now, MEITY has certified 11 companies that can provide cloud solution to government departments. These include Microsoft, HP, IBM India, Tata Communications, Bharat Sanchar Nigam Limited (BSNL), Net Magic IT Services, Sify Technologies and CtrlS Data Centers.

Additionally, the cloud provider must agree to all requests from law enforcement entities. “The onus shall be on the Service Provider to perform all due diligence before releasing any such information to any such law enforcement agency,” the guideline added.

Contract clauses for agreements for cloud providers

Advertisement. Scroll to continue reading.

Apart from this, MEITY has specified certain contractual terms that may be included in the agreements between the cloud service provider and government entity:

– Central search system for govt: The cloud provider should place an “e-discovery” system to allow search and retrieval of data stored in the cloud. This system can be accessed only by a government entity “in the context of or criminal cases/proceedings or investigation,” MEITY said. This could mean a dashboard with an inbuilt search system that can be accessible to the government entity only.
Encryption for sensitive data: A clause that mandates data encryption as a “standard security process” for all sensitive and confidential data maintained by the government in the cloud.
Prior notification for foreign companies requesting data: MEITY added that the agreement can mandate the cloud provider to notify all instances of security breaches, intrusions, and requests from foreign government agencies for access to data stored in the cloud. Any unauthorized access by employees of either partygovernment or cloud providershould also be reported to it.
– Cloud provider should ensure the security of government data: The cloud solution provider must treat information passed on to them “as classified”. Information stored on the cloud should not be published or advertised by the cloud provider to any person or organization without permission from the government entity.

ReadGuidelines for Government Departments On Contractual Terms Related to Cloud Services (pdf)

Written By

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ