The Strato cloud based Software-as-a-Service offering, processing sensitive personal information, for health care related purposes demanding strong information security capabilities.
Microsoft Windows Azure
Auditdata’s Audiology Office Management System Strato is developed using the Microsoft Windows Azure technology in accordance with the Auditdata product development processes compliant and certified with key industry standards such as ISO/IEC 27001:2013 Information Security Management System and ISO/IEC 13485 Quality Management Systems for Medical Devices.
The Strato service is operated by the Auditdata’s Cloud Operations unit included in the ISO 27001 certificate scope by April 2013.
Strato runs in the Microsoft Windows Azure data centers managed and operated by Microsoft Global Foundation Services (GFS). These geographically dispersed data centers also comply with key industry standards, such as ISO/IEC 27001:2013, for security and reliability. They are managed, monitored, and administered by Microsoft operations staff that have years of experience in delivering the world’s largest online services with 24 x 7 continuity.
In addition to datacenter, network, and personnel security practices, Windows Azure incorporates security practices at the application and platform layers to enhance security for application developers and service administrators.
Auditdata’s selection of Cloud provider is accompanied by a comprehensive Cloud Computing Service Provider Risk Assessment, in accordance with the ENISA Cloud Computing Risk Assessment Check List (European Network and Information Security Agency) in line with the recommendations of the Danish Data Protection Agency (Datatilsynet), for cloud based processing of sensitive personal data.
To support Auditdata customers in the security evaluation of the Strato service, Auditdata has created a white paper to outline how essential Strato information security controls map to the ISO 27001 security controls providing customers with in-depth information on Auditdata security policies and procedures. The white paper is available on request at firstname.lastname@example.org.
To learn more about the compliance capabilities of Microsoft Windows Azure, please visit Windows Azure Trust Center.