Microsoft is the first and only major cloud productivity provider to have ISO 27001 certification, EU Model Clauses (a robust Data Processing Agreement) and HIPAA compliance.

The new white paper "Privacy in the Public Cloud: The Office 365 Approach" examines Microsoft's broad approach to privacy governance and describes how these principles and processes have been applied to our latest cloud-based productivity service, Office 365

If you want in-depth information about the privacy and security practices for Office 365 you can visit the Office 365 Trust Center