Too often, organizations make the move to the cloud without considering the impact to compliance. Cloud compliance is an issue for any organization using cloud storage or backup services. You can ensure that your organization achieves compliance in the cloud for PCI DSS, HIPAA, SOC2 and other regulatory requirements, but it takes investigation and persistence to get the answers and documentation you need to prove it. Herein lies the challenge, especially as more data retention and protection rules are introduced around the globe.

https://researchcenter.paloaltonetworks.com/2018/10/use-automation-maintain-compliance-cloud/