An anonymous reader writes: I provide IT services for medium sized medical and law practices and have been getting a lot of feedback from doctors and lawyers who use gmail at home and believe that they can run a significant portion of their practice IT on Google Apps. From a support standpoint, I'd be happy to chuck mail/calendar service management into the bin and let them run with gmail, but for these businesses, there is significant legal liability associated with the confidentiality of their communications and records (eg HIPPA).
For those with high profile celebrity clients, stating that "Google employees can read your stuff" will usually end the conversation right there, but for smaller practices I often get a lot of pushback in the form of "What's wrong with trusting Google?" and "Google's not interested in our email/calendar". Weighing what they see as a tiny legal risk against the promise of Free IT Stuff(TM) becomes increasingly difficult in the face of the clear functionality/usability/ubiquity that they experience when using Google at home. So my question to the Slashdot community is this:
Are they right? Is it time for me to remove the Tin Foil Hat from their confidentiality obligations and stop resisting the juggernaut that is Google?
If not, what's the best way to clarify the confidentiality issues?