I’m announcing that Azure has achieved adherence to the EU Cloud Code of Conduct (EU Cloud CoC), developed for cloud providers to align with the EU’s General Data Protection Regulation (GDPR). The EU Cloud CoC is the first GDPR code of conduct that has received the European Data Protection Board (EDPB) positive opinion, which was followed by final approval led by the Belgian Data Protection Authority. The EU Cloud CoC also marks the 100th compliance offering for Azure, more than any other cloud provider, providing customers a high level of assurance through controls, evidence, and verification.
The EU Cloud CoC serves as a basis for implementing the requirements of Article 28 of the GDPR for cloud providers acting as business-to-business processors under the GDPR. Because the EU Cloud CoC is approved by the EDPB, Azure customers can use Azure’s adherence to help demonstrate their own GDPR compliance, as well as cite it as a risk mitigator in a GDPR Data Protection Impact Assessment (DPIA). Article 40 of the GDPR specifically encourages the creation of codes of conduct, so as “to contribute to the proper application of the regulation.” SCOPE Europe acts as the independent monitoring body of the EU Cloud CoC.
“This verification of adherence for over 140 Azure services shows the broadness and robustness of our monitoring scheme, which applies strong safeguards to ensure that declared services are meeting all requirements set out in the Code. With the support of key companies like Microsoft, and now with its final approval, the EU Cloud Code of Conduct has solidified its position as an unparalleled market standard capable of ensuring GDPR compliance while fostering continuous innovation and growth.”—Jörn Wittmann, Managing Director, SCOPE Europe
0 comments:
Post a Comment