Microsoft addresses privacy concerns on both sides of the Atlantic

Microsoft has made its Office 365 cloud-based service more attractive to US and European customers concerned with legal issues around data sovereignty.

The company has added support for the European Commission’s “Model Clauses”, which regulate how personal data is stored even when the physical location of the data storage lays beyond the borders of the European Economic Area.

Model clauses, introduced in 2010, assure customers that appropriate steps have been taken to help safeguard personal data, regardless of where it’s stored. European regulators have the power to ask customers to stop using services that don’t take proper security steps, or include these model clauses in their service agreements.

In the US, Microsoft has moved to comply with strict Department of Health (DoH) regulations around patient data privacy and protection. The company will include Business Associate Agreement contract provisions originally drafted by the DoH in compliance with the for all service agreements with the Health Insurance Portability and Accountability Act (HIPAA).

In a statement, the company said: "As part of its contractual commitment to customers, Microsoft will now sign the EU's Model Clauses, which will help customers certify compliance with the European Commission’s stringent Data Protection Directive, and the US-mandated Health Insurance Portability and Accountability Act (HIPAA)."

Security and data safety has become a key factor in the battle of the cloud vendors, and Microsoft claims to have gone a step further than its competitors by including a ‘robust data processing agreement’, taking into account that some EU member states have more stringent data rules.

“Microsoft has a more complete approach to European data protection and security laws than any other company,” said Jean-Philippe Courtois, president, Microsoft International. “We’re proud of the work we’ve done to ensure the widest range of organizations can move to the cloud with confidence — or choose an equally functional on-premises option.”

Related Stories

Leave a comment


This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.