Background: The adoption of generative AI within cloud-based business environments has accelerated, raising concrete concerns related to data governance, privacy, security, and regulatory compliance.

Objective: To systematically review peer-reviewed studies (2020–2024) examining how generative AI influences data governance, privacy protection, and business process management in cloud settings.

Methods: Five databases (IEEE Xplore, ACM, SpringerLink, ScienceDirect, and arXiv) were searched for studies published between 2020 and 2024. From 2,500 records screened using PRISMA criteria, 20 studies met the inclusion requirements. Data were analyzed through thematic synthesis and descriptive reporting of study characteristics.

Results: Six themes were identified: data governance and privacy (12/20, 60%), security challenges (11/20, 55%), business process applications (10/20, 50%), ethical and legal issues (9/20, 45%), cloud integration (8/20, 40%), and innovation versus regulation (7/20, 35%). Of the included studies, 7/20 (35%) were empirical and 13/20 (65%) were conceptual or theoretical. Adversarial attacks were assessed in 3/20 (15%) studies, while algorithmic bias appeared in 8/20 (40%), indicating uneven coverage of core risk areas.

Conclusion: Based on the findings, three key recommendations are proposed. First, organizations should adopt adaptive AI governance frameworks that integrate privacy, security, and compliance mechanisms across cloud environments. Second, investment in empirical security testing particularly for adversarial robustness and data leakage prevention is essential. Third, policymakers should develop sector-specific regulatory sandboxes to enable controlled experimentation with generative AI systems while ensuring compliance with data protection standards.