Tell me more ×
Answers OnStartups is a question and answer site for entrepreneurs looking to start or run a new business. It's 100% free, no registration required.
up vote 2 down vote favorite
1

I am thinking about working on a .com startup that involves providing a service to people or businesses via a web application. The service would store user data and information that a company might deem sensitive or at least not want to be compromised or lost.

What are my liabilities for protecting this data? Is this generally not a good idea? If I use another company for the storage of the data, like a hosting provider's database server or cloud storage, can I simply defer the liability to that company?

share|improve this question

1 Answer

up vote 2 down vote accepted

You can't defer liability -- that's what liability insurance is for. The level to which you go to protect your data depends on sensitivity of your data and sensitivity of your customers to a breach. Cloud and colo service providers should be able to provide you with a level of security that they commit to contractually (at least all the reputable ones will), and you can evaluate their fit for your needs based on that information.

share|improve this answer
If I had an end user agreement that stated I wasn't responsible for any data loss, would that fly? – BoxerBucks Mar 11 '11 at 3:54
This seems to contradict your original question a bit, at least in spirit. If you waive responsibility, why would a potential client trust you with sensitive data? My advice would be to not make any promises you can't keep, be transparent, get liability insurance, and consult with an attourney. – Michael Teper Mar 11 '11 at 9:40

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.