Author: Chad Woolf

French version German version I’m happy to announce that AWS has declared 52 services under the Cloud Infrastructure Service Providers Europe Data Protection Code of Conduct (CISPE Code). This provides an independent verification and an added level of assurance to our customers that our cloud services can be used in compliance with the General Data […]

I’m pleased to share a video of a conversation about privacy I had with my colleague Laura Dawson, the North American Lead at the AWS Institute. Privacy is becoming more of a strategic issue for our customers, similar to how security is today. We discussed how, while the two topics are similar in some ways, […]

Today, I’m pleased to announce the launch of Cloud Audit Academy AWS-specific (CAA AWS-specific). This is a new, accelerated training program for auditing AWS Cloud implementations, and is designed for auditors, regulators, or anyone working within a control framework. Over the past few years, auditing security in the cloud has become one of the fastest […]

Financial institutions across the globe use AWS to transform the way they do business. It’s exciting to watch our customers in the financial services industry innovate on AWS in unique ways, across all geos and use cases. Regulations continue to evolve in this space, and we’re working hard to help customers proactively respond to new […]

Today, we’re happy to announce that the AWS GDPR Data Processing Addendum(.pdf) is now part of our online Service Terms. This means all AWS customers globally can rely on the terms of the AWS GDPR DPA which will apply automatically from May 25, 2018, whenever they use AWS services to process personal data under the GDPR. The AWS […]

The EU’s General Data Protection Regulation (GDPR) describes data processor and data controller roles, and some customers and AWS Partner Network (APN) partners are asking how this affects the long-established AWS Shared Responsibility Model. I wanted to take some time to help folks understand shared responsibilities for us and for our customers in context of […]

Oct 3, 2019: We’ve updated a sentence to clarify that AWS services can be used in compliance with GDPR. Security is our top priority at AWS, and from the beginning we have built security into the fabric of our services. With the introduction of GDPR (which becomes enforceable on May 25 of 2018), privacy and […]

Oct 3, 2019: We’ve updated a sentence to clarify that AWS services can be used in compliance with GDPR. Today, I’m very pleased to announce that all AWS services can be used in compliance with the General Data Protection Regulation (GDPR). This means that, in addition to benefiting from all of the measures that AWS […]

AWS has added 16 more AWS services to its Payment Card Industry Data Security Standard (PCI DSS) compliance program, giving you more options, flexibility, and functionality to process and store sensitive payment card data in the AWS Cloud. The services were audited by Coalfire to ensure that they meet strict PCI DSS standards. The newly compliant AWS services are: Amazon […]

AWS has launched a digital tour of an AWS data center, providing you with a first-ever look at how AWS secures data centers around the world. The videos, pictures, and information in this tour show you how security is intrinsic to the design of our data centers, our global controls, and the AWS culture. As […]