Microsoft Office Tutorials and References
In Depth Information
Regulatory compliance
Note
For more details about Office 365 certifications, see http://www.microsoft.com/online/
legal/v2/?docid=27 .
Regulatory compliance
Office 365 meets the standards and requirements that are outlined in certain regulatory
compliance standards such as the following:
Health Insurance Portability and Accountability Act (HIPAA)
Family Education Right and Privacy Act (FERPA)
Gramm Leach Bliley Act (GLBA)
INSIDE OUT
Criminal Justice Information Services
The newest regulatory compliance pursued by Microsoft is the Criminal Information
Services (CJIS) Security Addendum. This is available only for the Government
Community Cloud and needs to be achieved at the state level for each state. CJIS is an
interesting requirement because it is applicable only to law enforcement agencies that consume
CJIS data. Therefore, Microsoft works with each state’s CJIS representative to achieve the
necessary requirements, such as adjudication and background checks of personnel, to
jointly meet CJIS requirements with the state. After that is accomplished, all law
enforcement organizations in the state can use Office 365 and still meet CJIS requirements.
States that have worked with Microsoft to jointly sign the CJIS Addendum include Texas
and, most recently, New York. Microsoft Office 365 is the only major cloud service that
currently has this capability. To read the press release regarding Texas and CJIS, see
http://www.microsoft.com/en-us/news/Press/2013/Feb13/02-15TexasO365PR.aspx .
The key difference between certifications and regulatory compliance is that the latter does
not have a formal certification process. Instead, regulatory compliance standards rely on
scheduled audits to ensure adherence.
An organization that is required to adhere to such standards will find that the standards
tend to cover all aspects of their operations, including organization policies, processes,
security, and technology portfolio. Because Office 365 adheres to these standards, an
organization can adopt Office 365 services and be assured that the security, technology, and
services in Office 365 meet those requirements.
Search JabSto ::




Custom Search