Microsoft Embeds the EU's Data Transfer Rules into Office 365
Top Line: Microsoft will sign Office 365 contracts containing the EU's model data protection clauses
(PresseBox) - In 2010, the European Commission published a set of model clauses that can be added to services contracts where the service provider remotely processes personal data (either about employees or customers) on behalf of the customer. The clauses commit the service provider - whether an outsourced, hosted or cloud service - to observing the rules of the EU Data Protection Directive.
Microsoft says it is now able to sign contracts for Office 365 that contain these model clauses - in other words, it complies with the Data Protection Directive. Microsoft also says that Office 365 complies with the US HIPAA rules that protect healthcare data.
Bottom Line for ICT Buyers:
1. If you operate in or across Europe, and you store personal data about staff or customers, you will already be aware of your responsibilities under the EU Data Protection Directive. Hosting and outsourcing service providers will almost certainly comply with its rules, but since cloud services providers are the 'new kids on the block', you will need to check that they fulfill its requirements by asking them specific questions -- in particular, if they are willing to sign contracts with the model clauses.
2. Some countries have data transfer requirements that are more stringent and the EU's transfer rules may not be enough. Microsoft says that it meets or exceeds the requirements of all EU member states. Again, you will have to ask specific questions of your cloud services vendors. It is not just U.S. vendors that should be aware of the directive: European suppliers may find themselves out of compliance if they have built their data transfer requirements for one country (e.g. the UK) and now offer them in another (e.g. Germany). Cloud services vendors from the UK in particular need to ensure that they are ready to meet the more stringent privacy requirements of other European countries.
3. A wide range of business applications (often cloud based) are becoming 'socialized' to improve collaboration and business effectiveness. This means that the personal data of employees and business partners will be captured and stored either deliberately or inadvertently by many types of applications that previously contained no personal information. You will have to be careful to ensure that this scope creep does not inadvertently affect your own compliance.
Datum: 20.12.2011 - 14:33 Uhr
Sprache: Deutsch
News-ID 98778
Anzahl Zeichen: 2545
contact information:
Town:
Frankfurt am Main
Kategorie:
Manufacturing & Production
Diese Pressemitteilung wurde bisher 260 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Microsoft Embeds the EU's Data Transfer Rules into Office 365"
steht unter der journalistisch-redaktionellen Verantwortung von
IDC Central Europe GmbH (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
