Posted by Marc Crandall, Head of Global Compliance, Google for Work
Editor's note: Our guest blogger this week is Marc Crandall, Head of Global Compliance at Google for Work. A lawyer and long time Googler, Marc focuses on regulatory matters involving privacy and security.
We regularly hear from our customers that assessing data protection compliance in various countries around the world can be challenging. Protecting the privacy and security of our customers’ information is a top priority, and we take compliance very seriously. That’s why we've been working hard to make things a bit easier for you.
We recently launched a new legal and compliance section of the
Google Admin console where Google Apps administrators can find pointers to useful information, such as security and privacy certifications, third-party audits and data center and subprocessor information. This will be helpful to everyone, from those who manage their own domain to legal, security and privacy compliance specialists.
Another important resource for Google Apps for Work customers is our
data processing amendment, which we’ve offered to customers since 2012. Customers that use our products
for Work and
for Education are often subject to data protection and
compliance regulations. To help address this, in addition to our commercial agreements, we offer a data processing amendment that describes Google’s specific data protection commitments for your Google Apps information.
If you operate in a regulated industry, having Google’s data protection obligations in writing helps demonstrate to regulators that we take significant and concrete steps to protect your information. For customers subject to laws implementing the European Union’s
Data Protection Directive, our data processing amendment also contractually binds us to remain enrolled in the U.S Department of Commerce Safe Harbor Program. And we indicate that Google Apps customers may opt-in to
model contract clauses with Google.
While the data processing amendment does not affect the functionality of Google Apps, we believe customers with regulatory compliance considerations will find the amendment useful. You can
access the data processing amendment from within the Admin console.
Millions of organizations use Google for Work today — they come from all sectors and more than half of our customers operate outside of the United States. You rely on Google to provide strong data protection capabilities, in compliance to your specific needs. With these tools in place, we hope to make it easier for you and third parties to verify that. For more information, visit our
Google for Work and
Google for Education trust site.