Windows Azure Privacy, Security and Compliance
One of the questions that is very common among customers is what is the security compliance of Azure? This is a very short question with a very long answer. To shorten your search visit the Microsoft Azure Trust Center.
At the time of this posting the Trust center has provided compliance framework for ISO/IEC 27001:2005, SOC 1 and SOC 2 SSAE 16/ISAE 3402, Federal Risk and Authorization Management Program (FedRAMP), Payment Card Industry (PCI), Data Security Standards (DSS) Level 1, United Kingdom G-Cloud Impact Level 2 Accreditation, Family Educational Rights and Privacy Act (FERPA), and HIPAA Business Associate Agreement (BAA).
All of these can be reviewed from the Microsoft Azure Trust Center Compliance Page and the Microsoft Azure Trust Center Resources page. Be sure to read the FAQ as well, it covers many of the questions I hear related to who has access to my data and how are Azure Security Audits actually done.
Other links:
Privacy authorities across Europe approve Microsoft’s cloud commitments