Hi All,
CISPE, the voice of Cloud Infrastructure Service Providers in Europe, announced that companies including Aruba, AWS (Amazon Web Services), Elogic, Leaseweb, Outscale, and OVHCloud are the first of its members to declare services to be compliant with its Code of Conduct for Data Protection. The CISPE Code of Conduct for Data Protection in Cloud Infrastructure (CISPE Code), validated by the European Data Protection Board (EDPB) and approved by the French Data Protection Authority (CNIL), is the first General Data Protection Regulation (GDPR) code of conduct specifically designed for cloud infrastructure service providers.
All the services declared must be verified by one of the three independent monitoring bodies accredited by the CNIL: Bureau Veritas, LNE, and EY CertifyPoint. The controlled adherence by independent monitoring bodies provides cloud infrastructure customers with an added level of assurance when developing GDPR compliant services in the cloud.
------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------