ISO/IEC 27018 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect personally identifiable information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. The HITRUST CSF rationalizes healthcare-relevant regulations and standards into a single overarching security framework. Microsoft today announced both ISO/IEC 27018 and HITRUST are now part of their Office 365 compliance capabilities.
We understand that security and compliance are extremely important to our customers so we make it a core part of how we design and manage the service. As we rapidly innovate in productivity services with Office 365, we will continue to invest in making Office 365 a service that is highly secure and compliant with global as well as regional and industry specific standards and regulations. You can learn more about security and compliance in Office 365 by visiting the Office 365 Trust Center.
Read more about it here.