CSA Issues New Code of Conduct for GDPR Compliance

On November 21, the Cloud Security Alliance (CSA) released their Code of Conduct for compliance with the European General Data Protection Regulation (GDPR).  The GDPR Code of Conduct (the "Code") provides cloud service providers, cloud customers, and potential customers with guidance to assist with complying with the new requirements found within the GDPR.    

The CSA About web page states they are the "world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment." (1)

The Code is structured to meet the mandatory data protection requirements under Directive 95/46/EC as well as the upcoming requirements of the GDPR.  

"...the CSA Code of Conduct for GDPR Compliance is of fundamental importance as it gives guidance for legal compliance and the necessary transparency on the level of data protection offered by the CSPs (Cloud Service Providers)." - Paolo Balboni, European ICT, privacy and data protection lawyer, and co-chair of the Privacy Level Agreement Working Group (2)   

Key Link(s):