Microsoft stunner – is Office 365 SRA compliant? UPDATED AGAIN!
Just had a message in from a top 200 UK law firm saying they have been informed that Microsoft Office 365 is not SRA compliant. One of the firm’s partners told the Insider “The Solicitors Regulation Authority tell us that it is our responsibility to use compliant software but they won’t comment on individual products.”
UPDATE: Opinions are split from a legalistic “the risk assessment issues suggest Office 365 isn’t there yet” in terms of UK compliance – through to “it’s all misleading misinformation” by people who don’t know what they are talking about! The most positive response we’ve had is the suggestion the issue centres on this provision…
Firms must be able to ensure that their provider
can agree to SRA access to inspect data in order to
meet Outcome 7.10 of the SRA Code of Conduct.
Microsoft doesn’t allow physical access to either its Dublin or Netherlands datacentres as they are secure, high security sites however this is a non-issue because the law firm can still provide the data to SRA because they can keep a local copy of data as required. Here’s a copy of the SRA guidance on Cloud Computing cloud-computing-law-firms-risk