Understanding policies and laws around privacy and data protection for healthcare can be complicated, and monitoring your compliance can be time-consuming. This paper outlines the key considerations and guidelines around HIPAA, GDPR, and GxP that pharma companies should be aware of when moving to the cloud.