Microsoft Boosts Office 365 Regulatory Compliance | PCWorld Business Center
“In the U.S., for contracts with health-care companies that have to comply with the Health Insurance Portability and Accountability Act (HIPAA), Microsoft will include Business Associate Agreement (BAA) contract provisions drafted by the U.S. Department of Health that address legal requirements around patient data privacy and protection.”
The article above is a great example of a company such as Microsoft stepping up to help companies that have to comply with US and European regulations. Companies are going to have to start being more proactive in addressing the regulatory and compliance requirements of their industries. But rather than letting compliance requirements drive their data security and privacy work, it’s better for companies to follow a software security assurance process, such as the Microsoft Security Development Lifecycle, that provides prescriptive security process guidance and can help reduce vulnerabilities in their software.