Resource Center

Resource Center

BLOG

Data Privacy vs. Data Security: What is the Core Difference?
 

BLOG

What is Third Party Risk and Why Does It Matter?
 

BLOG

What Schrems 2 Means for your Privacy Shield Program
 

BLOG

​Schrems 2 – 12 FAQs Published by the EDPB but Little Practical Guidance
 

BLOG

EU Court of Justice Decision - Privacy Shield Invalidated; Standard Clauses Challenged​​
 

ARTICLE

Cloud Security Alliance Announces Availability of Key Cloud Security Assessment and Guidance Documents in 10 Additional Languages
 

BLOG

How CSA is Working to Address Privacy
 

BLOG

Joint Controllership: A Collection of Recent Guidance
 

ARTICLE

European Cloud Security Project Leaves Rich Legacy of Materials for Cloud Stakeholders
 

SURVEY REPORT

Beyond the General Data Protection Regulation (GDPR)
Data residency insights from around the world. This study reveals the top data protection concerns and strategies of more than 800 senior business professionals from eight countries and a range of industries. Beyond the European Union’s General Data Protection Regulation (GDPR) and other regulatory developments, enterprises think data privacy can create competitive advantage. What drives their decisions and investments in data management? Do they place their faith in cloud providers? Are they prepared to meet regulatory mandates and exceed customer expectations?
 

WHITEPAPER

Code of Conduct (CoC): Statement of Adherence 3rd Party Certification
CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct for GDPR Compliance is designed to be an appendix to a Cloud Services Agreement to describe the level of privacy protection that a Cloud Service Provider will provide.
 

WHITEPAPER

PLA Code of Conduct (CoC): Statement of Adherence Self-Assessment
CSA PLA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA PLA Code of Conduct for GDPR Compliance is designed to be an appendix to a Cloud Services Agreement to describe the level of privacy protection that a Cloud Service Provider will provide.
 

WHITEPAPER

Cloud Security Alliance Code of Conduct for GDPR Compliance (Updated - May 2019)
The CSA Code of Conduct is designed to offer both a compliance tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider.

No matter whether you are an enterprise Data Protection Officer using cloud services or a Cloud Service Provider, the CSA Code of Conduct for GDPR Compliance provides a consistent and comprehensive framework for complying with the EU’s GDPR. The CSA Code of Conduct is designed to offer both a compliance tool for GDPR compliance and transparency guidelines regarding the level of data protection offered by the Cloud Service Provider.

This can be used to submit a self-assessment to the CSA STAR Registry.

Benefits | STAR Program | Working Group | Related Training
 

BLOG

Happy Birthday GDPR! – Defending Against Illegitimate Complaints
 

BLOG

EU GDPR vs US: What Is Personal Data?
 

BLOG

GDPR Is Coming: Will the Industry Be Ready?
 

BLOG

Cloud Security and Compliance Is a Shared Responsibility
 

BLOG

Australia's First OAIC Breach Forecasts Grim GDPR Outcome