Microsoft addresses privacy concerns on both sides of the Atlantic
Microsoft has made its Office 365 cloud-based service more attractive to US and European customers concerned with legal issues around data sovereignty.
The company has added support for the European Commission’s “Model Clauses”, which regulate how personal data is stored even when the physical location of the data storage lays beyond the borders of the European Economic Area.
Model clauses, introduced in 2010, assure customers that appropriate steps have been taken to help safeguard personal data, regardless of where it’s stored. European regulators have the power to ask customers to stop using services that don’t take proper security steps, or include these model clauses in their service agreements.
In the US, Microsoft has moved to comply with strict Department of Health (DoH) regulations around patient data privacy and protection. The company will include Business Associate Agreement contract provisions originally drafted by the DoH in compliance with the for all service agreements with the Health Insurance Portability and Accountability Act (HIPAA).
In a statement, the company said: "As part of its contractual commitment to customers, Microsoft will now sign the EU's Model Clauses, which will help customers certify compliance with the European Commission’s stringent Data Protection Directive, and the US-mandated Health Insurance Portability and Accountability Act (HIPAA)."
Security and data safety has become a key factor in the battle of the cloud vendors, and Microsoft claims to have gone a step further than its competitors by including a ‘robust data processing agreement’, taking into account that some EU member states have more stringent data rules.
“Microsoft has a more complete approach to European data protection and security laws than any other company,” said Jean-Philippe Courtois, president, Microsoft International. “We’re proud of the work we’ve done to ensure the widest range of organizations can move to the cloud with confidence — or choose an equally functional on-premises option.”
- » Tipping the scales in the cloud: From security risk to security’s friend
- » How to improve privileged users' security experiences with machine learning
- » How to prevent AIOps from becoming just another cog in the machine
- » Doubling down on disaster recovery-as-a-service – for business continuity and beyond
- » McAfee notes gap between cloud competence and transformation – with CASBs key to success