Yes. Typically, cloud service providers seek to meet international standards of security and privacy compliance that apply to the legal regime in which they operate. Those would address issues such as in-transit encryption of communications to and from the data centre and the encryption of data while at rest or while stored. As an initial safeguard and for transparency and trust building, there are regular audits to verify that the cloud service provider is meeting the applicable requirements.
There are best practices being used. Our association is helping to describe and communicate those, and those are available to governments or the private sector in order to manage the risks and utilize the benefits available for cloud computing.