Become a Member My Atlas
Insights
Training
Advisory & Negotiation
Free Resources
About
Contact Us
Search
Become a Member

Updated: March 13, 2023 (March 13, 2023)

  Analyst Report

Understanding Microsoft’s Data Protection Addendum

My Atlas / Analyst Reports

1,158 wordsTime to read: 6 min
Barry Briggs by
Barry Briggs

Before joining Directions on Microsoft in 2020, Barry worked at Microsoft for 12 years in a variety of roles, including... more

  • The DPA defines how customers and Microsoft share responsibility for protecting customer data in Microsoft online services.
  • Microsoft cloud customers should review the DPA and how it maps to their data to avoid breaking laws, regulations, or organizational policies.
  • The DPA applies to most of Microsoft’s online services, but not all.

The Data Protection Addendum (DPA), attached to volume licensing and other agreements, details the shared responsibilities that customers and Microsoft have with respect to data maintained in Microsoft’s cloud services, referred to as “online services” in the document. (In this report, “customer” refers to the signatory of the agreement with Microsoft.)

For an overview of the concept of shared responsibility, see the illustration “The Shared Responsibility Model.”

Note: this report provides an overview of the DPA; however, its contents are not legal advice, and customers should review this report with their legal counsel.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now