COPPA compliance for Azure and Azure SQL Database

Question

COPPA compliance for Azure and Azure SQL Database

Robert Atkinson 0

Azure has an extensive list of compliance, but COPPA is not explicitly mentioned there.

Does this mean Azure does not comply with COPPA?
And if it isn't, can we still store our database in Azure SQL and somehow achieve the compliance?

P.S. I see it's already compliant with ISO-27001, GDPR, FERPA, HIPAA, so maybe those or other certifications already cover the cases with COPPA.

GeethaThatipatri-MSFT 24,207 Reputation points Microsoft Employee

2023-11-09T20:56:35.44+00:00

Hi @Robert Atkinson I am checking to see if you got a chance to look into the below responses. Please let me know if you have any further questions.

If this answers your question, please consider accepting the answer by hitting the Accept answeras it helps the community look for answers to similar questions.

Regards

Geetha

GeethaThatipatri-MSFT 24,207 Reputation points Microsoft Employee

2023-11-09T20:56:35.44+00:00

Hi @Robert Atkinson I am checking to see if you got a chance to look into the below responses. Please let me know if you have any further questions.

If this answers your question, please consider accepting the answer by hitting the Accept answeras it helps the community look for answers to similar questions.

Regards

Geetha

Answer 1

Alberto Morillo 32,011 MVP

Azure SQL Database is not officially certified or verified as COPPA compliant. One important thing to consider is that COPPA is not only dependent on the technology or service provider, but also depends on the practices and policies of the online service operator. Situated on that context, probably the best you can do is to evaluate your own service and practices and seek legal advice to determine your compliance status and obligations with COPPA. Please review the guidance and resources provided by the Federal Trade Commission (FTC) here.

Robert Atkinson 0 Reputation points

2023-11-14T10:10:49.3666667+00:00

Thank a lot for the response!

We follow the policies on our end, our main concern is whether we can move our database to Azure SQL, or if Azure might break the compliance.
Alberto Morillo 32,011 Reputation points MVP

2023-11-14T12:38:39.3466667+00:00

Using Azure SQL won't break the compliance status that has been earned. Azure SQL not only offers high performance and scalability, bu also security and compliance for your data. Azure SQL Database has been compliant for many years with many strict industry standards and regulations, such as ISO, GDPR, FERPA, and HIPAA. Azure SQL Database has been built to make applications and solutions compliant with Government and industry-wide regulations and standards. Here you will find how Azure SQL offers controls that make the product compliant with more than 20 regulations.

Answer 2

GeethaThatipatri-MSFT 24,207 Microsoft Employee

Hi @Robert Atkinson Welcome to Microsoft Q&A thanks for posting your question.

Thanks to @Alberto Morillo for providing the information. in addition to it.

Please refer to below link for the detailed information and more specifically COPPA applicability on Azure section in the below link

https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/windows-authentication-database-engine?view=sql-server-ver15

User's image

Regards

Geetha

Robert Atkinson 0 Reputation points

2023-11-14T10:13:27.36+00:00

Thanks for the response!

Does this mean that we will still comply with COPPA if we follow the policies on our end but store the data on Azure?

COPPA compliance for Azure and Azure SQL Database

2 answers

Activity