| Source | Azure Portal | ||||||
| Display name | Microsoft Managed Control 1870 - Information Sharing with Third Parties | ||||||
| Id | 18573dd5-899f-453d-b069-fa77b61fe257 | ||||||
| Version | 1.0.0 Details on versioning |
||||||
| Versioning |
Versions supported for Versioning: 0 Built-in Versioning [Preview] |
||||||
| Category | Regulatory Compliance Microsoft Learn |
||||||
| Description | Microsoft implements this Use Limitation control | ||||||
| Additional metadata |
Name/Id: ACF1870 / Microsoft Managed Control 1870 Category: Use Limitation Title: Information Sharing with Third Parties - 3rd Party PII Description And Use Ownership: Customer, Microsoft Description: Where appropriate, enters into Memoranda of Understanding, Memoranda of Agreement, Letters of Intent, Computer Matching Agreements, or similar agreements, with third parties that specifically describe the PII covered and specifically enumerate the purposes for which the PII may be used; Requirements: Subprocessors may access data only to deliver the functions in support of online services that Microsoft has hired them to provide and are prohibited from using data for any other purpose. They are required to maintain the confidentiality of this data and are contractually obligated to meet strict privacy requirements that are equivalent to or stronger than the contractual commitments Microsoft makes to its customers in the Online Services Terms. Subprocessors are also required to meet EU General Data Protection Regulation (GDPR) requirements, including those related to implementing appropriate technical and organizational measures to protect personal data. Microsoft requires subprocessors to join the Microsoft Supplier Security and Privacy Assurance Program. This program is designed to standardize and strengthen data handling practices, and to ensure supplier business processes and systems are consistent with those of Microsoft. Subprocessors who have access to customer data and personal data are subject to heightened requirements. |
||||||
| Mode | Indexed | ||||||
| Type | Static | ||||||
| Preview | False | ||||||
| Deprecated | False | ||||||
| Effect | Fixed audit |
||||||
| RBAC role(s) | none | ||||||
| Rule aliases | none | ||||||
| Rule resource types | IF (2) Microsoft.Resources/subscriptions Microsoft.Resources/subscriptions/resourceGroups |
||||||
| Compliance | Not a Compliance control | ||||||
| Initiatives usage | none | ||||||
| History |
|
||||||
| JSON compare | n/a | ||||||
| JSON |
|