Compliance is an important factor for customers when looking at software and services as they look to meet their own compliance obligations across regulated industries and markets worldwide. For example, ISO 27001 certification is a security standard that provides a baseline set of requirements for many other international standards and regulations and HIPAA (Health Insurance Portability and Accountability Act) is a US law that establishes requirements for the use, disclosure, and safeguarding of protected health information (PHI).
For that reason, we are excited to announce that Azure Search has been certified for several levels of compliance including:
- ISO 27001:2013
- SOC 2 Type 2
- GxP (21 CFR Part 11)
- HIPAA and the HITECH Act
- HITRUST
- PCI DSS Level 1
- Australia IRAP Unclassified
With these certifications and attestations, we hope to enable Azure Search as a viable option for customers looking to meet and attain key international and industry-specific compliance standards within their solutions.
Azure compliance offerings are grouped into four segments: globally applicable, US government, industry specific, and region/country specific. To view an overview of Azure Search as well as other Microsoft Azure compliance offerings, please visit the Microsoft Trust Center. In addition, you can directly download a document that provides an up to date scope statement indicating which Azure customer-facing services are in scope for the assessment, as well as links to downloadable resources to assist customers with their own compliance obligations.
If there are other areas of compliance you would like to see us support, please let me know.