Privacy Commissioner Marie Shroff says some businesses are flying blind to the risks of privacy breaches with cloud computing, though she does believe that these can be managed.
Cloud computing involves storing and manipulating data online.
Ms Shroff says firms are responsible for what happens to customer information and any breach could hit a company's bottom line.
She has released a checklist for small to medium businesses to help mitigate the risks.
Meanwhile, an international survey has revealed many firms found difficulties in setting up and using cloud computing.
A KPMG survey of 650 senior executives across 16 countries found nearly a third said installing cloud computing was more expensive than expected.
Another third found integrating it with their existing IT systems particularly difficult.
New Zealand was not part of the survey because the market is still too small, but KPMG says the findings reflect the situation here.
In New Zealand, KPMG management consulting partner Chandan Ohri says only a third of businesses have moved to some form of cloud computing, compared to more than half of companies in the US and Europe.
Mr Ohri says many firms fail to reap the full benefits of cloud computing because they don't change their business model.
He predicts cloud computing will become more popular once the New Zealand Cloud Computing Code of Practice register is launched in May this year.
The voluntary register sets out best practice requirements for service providers.
