Azure Privacy, Compliance, and Data Protection Facts Flashcards
Microsoft Privacy Statement
The Microsoft Privacy Statement outlines issues related to personal data. It applies to all Microsoft products, including services, apps, software, servers, and devices. Topics include:
Personal data Microsoft collects
How collected data is used
Reasons for sharing personal data
Information about cookies, web beacons, and other data collection tools
Situation and product-specific privacy information
Methods for accessing and controlling a user’s data
Online Services Terms (OST)
The Online Services Terms (OST) is a legal agreement. When customers sign the OST, they agree to the privacy terms and conditions that apply to the purchased online service(s).
Data Protection Addendum (DPA)
The Data Protection Addendum (DPA) is an addendum to the OST. It provides additional information about the data processing and security terms and conditions for purchased service(s). Topics include:
Government compliance
Data security
Data handling
Trust Center
The Microsoft Trust Center is a website for an individual or an organization who wants to learn more about all of Microsoft’s privacy, security, and compliance efforts. If you’re trying to determine whether a service is compliant with a particular standard or regulation, the Trust Center would be the best place to begin your research.
Criminal Justice Information Services (CJIS)
Criminal Justice Information Services (CJIS) was created to address information and data security for the criminal justice and law enforcement fields. It is a collection of requirements and standards for local, state, and federal agencies.
Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) is a standard created to address information and data security for the health care field.
International Organization of Standards/International Electrotechnical Commission (ISO/IEC)
The ISO/IEC standards include the following enforcements for cloud-stored data. These standards ensure that customer data is not used for marketing or advertising purposes and that the data will not be shared unless there is a legally binding order for disclosure.
National Institute of Standards (NIST)
The NIST is an agency of the U.S. Department of Commerce. The NIST encourages technological advancements and provides recommendations for data protection.
