Does Azure OpenAI fall under the DPA?

Adrian Røstenskar 40 Reputation points
2026-04-29T09:46:55.8+00:00

I found this very same question asked 3 years ago where the answer was no because Azure OpenAI was in preview. https://learn.microsoft.com/en-us/answers/questions/1361952/does-azure-openai-fall-under-the-dpa

Is this still the case?
Can I use Azure OpenAI for processing PII? As long as it's defensible of course.

Azure OpenAI in Foundry Models

Answer accepted by question author

  1. SRILAKSHMI C 18,225 Reputation points Microsoft External Staff Moderator
    2026-04-29T11:29:57.4166667+00:00

    Hello @Adrian Røstenskar

    Azure OpenAI Service is now generally available (GA) and is covered under Microsoft’s Products and Services Data Protection Addendum (DPA).

    The earlier guidance you found from 2023 reflected Azure OpenAI’s preview status at that time. Preview services are generally excluded from the full scope of Microsoft’s standard DPA commitments. Since Azure OpenAI is now a GA Azure service, it is covered by the same contractual privacy, security, and compliance commitments that apply to other Microsoft Azure services.

    Can You Use Azure OpenAI to Process PII?

    Yes, you can use Azure OpenAI to process personally identifiable information (PII), provided your use complies with applicable laws, regulations, and your organization’s internal policies.

    This includes scenarios involving customer data, employee information, or other sensitive personal data, as long as you have an appropriate legal basis for processing and implement the necessary safeguards.

    Data Protection Commitments

    Data processed by Azure OpenAI, including prompts, completions, embeddings, and fine-tuning files, is protected under Microsoft’s enterprise-grade security and privacy controls:

    • Data is encrypted in transit and at rest
    • Your data is isolated within your Azure tenant
    • Your prompts and outputs are not used to train or improve Microsoft or OpenAI foundation models without your explicit consent
    • Your data is not shared with other customers
    • Your data is not shared with OpenAI

    These protections are part of Microsoft’s commitment to enterprise data privacy and confidentiality.

    Compliance Considerations

    Azure OpenAI inherits Microsoft Azure’s broad compliance portfolio. For regulated workloads:

    • GDPR: Supported under Microsoft’s role as a data processor
    • HIPAA: Azure OpenAI is covered under Microsoft’s Business Associate Agreement (BAA), which is included through the DPA for eligible customers
    • Other industry and regional compliance standards may also apply depending on your deployment scenario

    If you plan to process regulated data such as PHI, financial data, or other sensitive information, we recommend reviewing the relevant compliance documentation and validating that all services and features used are in GA.

    Important Note About Preview Features

    While Azure OpenAI Service itself is GA, certain models or features may still be in Preview. Preview features are subject to separate terms and may not be covered by the full DPA commitments.

    Before processing production PII, please ensure that all models and features in your solution are in General Availability status.

    Security Best Practices

    To further protect sensitive data, we recommend:

    • Using Azure RBAC for access control
    • Enabling Private Endpoints or virtual network integration
    • Applying customer-managed keys if required
    • Implementing data minimization and masking where appropriate
    • Following your organization’s retention and governance policies

    Please refer to these:

    Understand Azure OpenAI Data Privacy: https://learn.microsoft.com/legal/cognitive-services/openai/data-privacy?tabs=azure-portal

    Microsoft Products and Services Data Protection Addendum (DPA): https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA

    Azure OpenAI and HIPAA Compliance: https://learn.microsoft.com/azure/compliance/offerings/offering-hipaa-us

    Manage Data Privacy in Azure OpenAI: https://learn.microsoft.com/legal/cognitive-services/openai/data-privacy?tabs=azure-portal

    I hope this helps. Do let me know if you have any further queries.


    If this answers your query, please do click Accept Answer and Yes for was this answer helpful.

    Thank you!

    1 person found this answer helpful.

Answer accepted by question author

  1. Q&A Assist
    2026-04-29T09:47:12.42+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist.

    Azure OpenAI (as an Azure Direct Model in Microsoft Foundry) is now covered by the Microsoft Products and Services Data Protection Addendum (DPA), not excluded as it was during earlier preview phases.

    The applicable documentation states that Azure Direct Models, including Azure OpenAI models:

    • Are governed by the Microsoft Products and Services Data Protection Addendum.
    • Store and process data to provide the service and to monitor for uses that violate the applicable product terms.
    • Ensure that prompts, completions, embeddings, and training data:
      1. Are not available to other customers.
      2. Are not available to OpenAI or other Azure Direct Model providers.
      3. Are not used by those providers to improve their models or services.
      4. Are not used to train any generative AI foundation models without customer permission or instruction.
      5. Are not used to improve Microsoft or third‑party products or services without explicit customer permission or instruction.

    Because Azure OpenAI is treated as an Azure Direct Model governed by the DPA, it can be used to process personal data, including PII, provided that:

    • The use complies with the Microsoft Product Terms and the DPA.
    • Any additional regulatory or contractual obligations (for example, data residency, sector‑specific rules) are satisfied by the overall solution design.

    For scenarios involving sensitive data, organizations should also consider:

    • Data loss prevention controls available for Azure OpenAI, which allow configuration of the list of outbound URLs the resource can access to help prevent data exfiltration.
    • General Azure security and compliance guidance applicable to their industry and region.
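
The network, access, key and outbound-URL controls named in the two answers above can be checked against a resource's configuration. The following is an added example, not part of either answer and not Microsoft's code: it audits the JSON of a `Microsoft.CognitiveServices/accounts` resource using that resource type's properties. The two sample resources and the approved FQDN set are constructed, and treating `disableLocalAuth` as the check for the RBAC recommendation is an assumption of this example.

```python
import json

# Constructed sample resources, shaped like `az cognitiveservices account show` output.
WEAK = json.loads("""{"name": "aoai-dev", "properties": {
  "publicNetworkAccess": "Enabled", "disableLocalAuth": false,
  "restrictOutboundNetworkAccess": true,
  "allowedFqdnList": ["contoso-docs.blob.core.windows.net", "files.example.net"]}}""")
HARDENED = json.loads("""{"name": "aoai-prod", "properties": {
  "publicNetworkAccess": "Disabled", "disableLocalAuth": true,
  "restrictOutboundNetworkAccess": true,
  "allowedFqdnList": ["contoso-docs.blob.core.windows.net"],
  "encryption": {"keySource": "Microsoft.KeyVault"},
  "privateEndpointConnections": [{"properties": {
    "privateLinkServiceConnectionState": {"status": "Approved"}}}]}}""")

def audit_account(resource, approved_fqdns, require_cmk=False):
    """Return a sorted list of finding codes for one account resource."""
    p = resource.get("properties") or {}
    findings = []
    # Private Endpoint recommendation: no public access, one approved connection.
    if p.get("publicNetworkAccess", "Enabled") != "Disabled":
        findings.append("public-network-access-enabled")
    states = [(c.get("properties") or {}).get("privateLinkServiceConnectionState") or {}
              for c in p.get("privateEndpointConnections") or []]
    if not any(s.get("status") == "Approved" for s in states):
        findings.append("no-approved-private-endpoint")
    # API keys are not scoped by Azure RBAC; disabling them forces Entra ID tokens.
    if not p.get("disableLocalAuth"):
        findings.append("api-key-auth-enabled")
    # Customer-managed keys are checked only when policy requires them.
    if require_cmk and (p.get("encryption") or {}).get("keySource") != "Microsoft.KeyVault":
        findings.append("no-customer-managed-key")
    # Data loss prevention control: outbound access limited to an approved list.
    if not p.get("restrictOutboundNetworkAccess"):
        findings.append("outbound-unrestricted")
    else:
        for fqdn in p.get("allowedFqdnList") or []:
            if fqdn.lower() not in approved_fqdns:
                findings.append("unapproved-outbound-fqdn:" + fqdn)
    return sorted(findings)

if __name__ == "__main__":
    approved = {"contoso-docs.blob.core.windows.net"}  # constructed allowlist
    for res in (WEAK, HARDENED):
        print(res["name"], audit_account(res, approved, require_cmk=True) or "OK")
```
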
