Microsoft has offered information privacy and security standards for customers operating in the European Union and United States through Microsoft Office 365, the company’s cloud productivity service.
Under the contractual commitment, Microsoft will sign the EU’s model clauses, which will help customers certify compliance with the European Commission’s stringent Data Protection Directive, and the US-mandated Health Insurance Portability and Accountability Act (HIPAA).
In addition, Microsoft also released Office 365 Trust Center which provides in-depth information about the privacy and security practices for Office 365.
EU contractual clauses include legitimising the transfer of personal data via international networks to locations outside the European Economic Area (EEA). When included in service agreements with data processors, the model clauses assure customers that appropriate steps have been taken to help safeguard personal data, even if data is stored in a cloud-based service centre located outside the EEA.
In addition, the model clause also says that European regulators have the option to request that customers halt the use of a service that hasn’t taken appropriate steps to safeguard personal data until they have evaluated the service and deemed it compliant with EU data protection and security standards.
Microsoft has included a data-processing agreement that was developed in view of the specifics of member-state regulations to streamline the use of cloud-based services for customers operating under additional compliance requirements.
Additionally, Microsoft has developed its online services to provide physical, administrative and technical safeguards that facilitate full compliance with HIPAA requirements.
Microsoft International president Jean-Philippe Courtois said developing cloud-based productivity tools that meet the needs of European businesses means more than simply building apps in a browser.
"Microsoft has a more complete approach to European data protection and security laws than any other company, and we’re proud of the work we’ve done to ensure the widest range of organizations can move to the cloud with confidence — or choose an equally functional on-premises option," said Courtois.