+ 0 Votes Does not really apply robo_dev 2 years ago The road does not need to be compliant with the Federal vehicle safety standards. The controls related to most, if not all, compliance requirements happen at the application layer and relate to securing the data, not the infrastructure. While the owner of the data does due diligence to make sure the provider meets their security requirements, they are responsible for ensuring that controls over the data, such as encryption, are in place so that the controls over the infrastructure are irrelevant. The one issue that is important with hosting providers is that data privacy laws vary from country to country, while the entity that is responsible for the data may be in the US. Therefore if a US based hospital has its medical records on an outsourced server in India, and there is a data breach, there may be US laws that are broken, but no laws broken where the data is actually located. This complicates the legal issues considerably. + 0 Votes Thanks chaniska 2 years ago Thanks for the update. was trying to get some idea on this matter. + 0 Votes Thanks chaniska 2 years ago Thanks for the update. was trying to get some idea on this matter.