Office 365 and Compliance Standards

As managing vice president, Rob Helm covers Microsoft collaboration and content management. His 25-plus years of experience analyzing Microsoft’s technology... more

Customers may need to work with Microsoft to assess their information security and privacy rights and limitations in Office 365.

Microsoft has worked with auditors to attest to the services’ compliance with certain privacy and security standards, including the following:

European Union (EU) Model Clauses, which address international transfers of data
Family Educational Rights and Privacy Act (FERPA), which addresses use and disclosure restrictions related to student data and non-use of e-mail and document scanning for advertising purposes
Federal Information Security Management Act (FISMA), which attests that the service meets security processes required by U.S. federal agencies
Health Insurance Portability and Accountability Act (HIPAA) Business Associate Agreement (BAA), which addresses the safeguarding of protected health information in the United States
ISO 27001, which is a security benchmark attesting that the service meets a set of physical, logical, and process

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now