Microsoft Data Protection Requirements
Description
The Microsoft DPR (Data Protection Requirements) framework sets forth stringent security and privacy guidelines for Microsoft suppliers who handle personal and sensitive data. The DPR is part of the Supplier Security and Privacy Assurance (SSPA) program, which requires suppliers to meet annual compliance through self-attestation or independent assessments, ensuring data protection and minimizing risk, particularly when handling sensitive information such as Protected Health Information (PHI).
Overview
The Microsoft DPR is designed for suppliers and contractors who handle personal and sensitive data on behalf of Microsoft. Its purpose is to ensure suppliers maintain strong privacy and security measures, especially when processing data like PHI, in compliance with Microsoft's data protection requirements.
Related Information Security Frameworks
APPs
Australian Privacy Principles
Information Security
Learn More
CJIS
Criminal Justice Information Services Security Policy
Information Security
Learn More
CMMC
Cybersecurity Maturity Model Certification
Information Security
Learn More
COBIT
Control Objectives for Information and Related Technologies
Information Security
Learn More
EN 303 645
EN 303 645 Standard
Information Security
Learn More
FedRAMP
Federal Risk and Authorization Management Program
Information Security
Learn More