Le Lézard
Classified in: Science and technology, Business
Subjects: NPT, TDS, FOR

Cloud Security Alliance Issues Code of Conduct Self-Assessment and Certification Tools for GDPR Compliance


SEATTLE and LONDON, June 6, 2018 /PRNewswire-USNewswire/ -- InfoSecurity Europe Conference -  The Cloud Security Alliance (CSA), the world's leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct (CoC) Self-Assessment. An essential tool for those charged with General Data Privacy Requirements (GDPR) compliance, the CSA CoC Self-Assessment provides a transparent means for standardizing compliance initiatives.

Cloud Security Alliance Logo. (PRNewsFoto/Cloud Security Alliance)

"The CSA Code of Conduct for GDPR Compliance is a comprehensive and complete resource for supporting cloud providers' compliance and fostering accountability and transparency in the market. Today, with the release of the CSA CoC Self Assessment, we are offering cloud service providers the opportunity to openly demonstrate to business partners and regulators evidence of their adherence to the GDPR requirements. The CSA CoC Self Assessment acts as the assurance and transparency component of the STAR Program," said Daniele Catteddu, CSA Chief Technology Officer, lead outside counsel and Privacy Level Agreement (PLA) Working Group co-chair. "We believe it will go a long way toward providing the industry with a standard for accurate compliance with the GDPR."

"The release of the CSA CoC Self Assessment serves two purposes," said Paolo Balboni, European ICT, privacy and data protection lawyer, and co-chair of the PLA Working Group. "First, to afford cloud service providers (CSP) a means to demonstrate, in a structured way, the level of personal data protection they offer, and second, to provide cloud customers and potential customers a tool to evaluate and compare the level of personal data protection offered by various CSPs. And while the CSA CoC Self-Assessment is not verified by a qualified third-party, it does offer transparency regarding the level of protection offered by a cloud service provider."

CSPs and cloud customers that would like to adhere to the CSA CoC for GDPR should submit the CoC Statement of Adherence and Privacy Level Agreement Template documents. CSA will then verify that a "good faith" effort has been made to thoroughly address the entire Code of Conduct and then will publish the Self Assessment on STAR. The applicant will receive a self-attestation compliance mark once all the necessary conditions are satisfied.

Those interested in learning more about the CSA Code of Conduct for GDPR Compliance should visit the CSA GDPR Resource Center, a community-driven website with tools and resources to help educate cloud service providers and enterprises on the new European data protection regulation.

The CSA PLA Working Group is comprised of independent privacy and data protection subject matter experts, privacy officers, and representatives from data protection authorities. It was formed in 2012 to help transpose the Art. 29 WP and EU National Data Protection Regulators' recommendations on cloud computing into an easy-to-use outline for CSPs to follow when disclosing personal data-handling practices. The scope and objective of the PLA initiative were previously presented to the European Parliament as part of discussions on the potential effect of the proposed General Data Protection Regulation on cloud computing. Since then, the PLA Working Group engages in defining a structured method for communicating the level of privacy that a CSP agrees to maintain.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud ? from providers and customers to governments, entrepreneurs, and the assurance industry ? and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.

SOURCE Cloud Security Alliance


These press releases may also interest you

at 12:45
Flowing Cloud Technology Ltd ("Flowing Cloud" or the "Company"); Stock Code: 6610.HK) is pleased to announce the audited consolidated results of the Company and its subsidiaries (collectively, the "Group") for the year ended December 31, 2023 (the...

at 12:29
Consolidated Credit wants consumers to spring forward into a new season of learning. The focus is on improving fiscal futures through education, saving strategies, and building stability.  ...

at 12:15
ResBiotic Nutrition, Inc. (ResBiotic), the pioneering physician-developed pre/probiotic wellness scale-up, proudly announces the appointments of Stefany Nieto as Vice President of Operations and Brittany Zenner as Director of Marketing. Nieto is a...

at 12:10
The National Fire Protection Association® (NFPA®), a global self-funded nonprofit organization devoted to eliminating death, injury, property, and economic loss due to fire, electrical, and related hazards, today announced the establishment of NFPA...

at 12:05
HTEC, a global digital consulting, software engineering, and product development company, is announcing a strategic collaboration with G2 Risk Solutions (G2RS), the preeminent provider of end-to-end bankruptcy technology solutions. Under the...

at 12:05
Enterprise Connect, the leading conference and exhibition for enterprise communications and customer experience (CX), brought IT decision-makers together to improve business communications and CX. Attendees explored industry trends and technologies...



News published on and distributed by: