Compliance-Driven Data Governance: A Survey on GDPR, and HIPAA in Cloud Databases

Abstract

Data management by allowing organizations to manage huge volumes of sensitive data in distributed cloud databases. Although this paradigm provides scalability and operational efficiency, it is in violation of legal frameworks, it has significant privacy and security problems, particularly with The Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR). Data governance has become a crucial field in compliance that focuses on the legality and compliance of a given data practice, but also the effectiveness and reliability of cloud data. This article provides an exhaustive survey of data governance of cloud databases where specific focus on GDPR and HIPAA. It looks at the main principles of data stewardship, classification and retention and deletion policies, anonymization, encryption, and auditability and examines how they apply in cloud settings. Moreover, new methods, such as those based on AI with regard to compliance frameworks and metadata-based governance, are considered to outline their benefits and drawbacks. The results reveal that there are still ongoing challenges of balancing rigorous governance processes that can provide privacy, security and compliance in dynamic distributed cloud systems. The study offers a systematic insight to guide practitioners and researchers to come up with effective, scalable, and compliant data governance models that find application in cloud-based environments.