I /haven't/ followed these links, but I assume the biggest issue for Australian-based cloud services -- that this sort of data should not go offshore -- is covered somewhere in there.
-- Regards, Mark Hurd, B.Sc.(Ma.)(Hons.) On 25 February 2015 at 14:06, Greg Keogh <g...@mira.net> wrote: > FYI - I just found this at > http://azure.microsoft.com/en-us/support/trust-center/compliance/ > > It specifically mentions "healthcare", but I'd like to know if any major > hospitals are using Azure storage -- Greg K > > Australian Government Information Security Registered Assessors Program > (IRAP) > > Azure has been assessed against the Australian Government Information > Security Registered Assessors Program (IRAP) and a letter of compliance has > been issued for in-scope services. The IRAP assessment provides assurance > for public sector customers (and the partners that serve them) that > Microsoft has appropriate and effective security controls in place for the > processing, storage and transmission of Unclassified Sensitive data within > Microsoft Azure. Unclassified Sensitive data represents the majority of > federal government, healthcare, education and state government data in > Australia.