
Mapping Compliance Standards to Industries: A Comprehensive Guide

hari-prasad
Valued Contributor

Brief Guideline: Mapping Compliance Standards to Industries

This guide provides a detailed mapping of various compliance standards to their respective industries, highlighting the specific sectors and descriptions for each standard. Understanding these alignments helps organizations ensure they meet the necessary regulatory requirements and maintain robust security practices.


Navigating Compliance Standards Across Cloud Platforms with Databricks

Databricks supports compliance standards across all three major cloud platforms: AWS, Azure, and Google Cloud. This enables industries to choose the cloud platform that best aligns with their additional security standards.

Here is a brief overview: 

  1. AWS: Databricks on AWS supports compliance standards such as HIPAA, PCI-DSS, FedRAMP High, FedRAMP Moderate, and more.

  2. Azure: Databricks on Azure also supports a wide range of compliance standards, including HIPAA, PCI-DSS, FedRAMP High, FedRAMP Moderate, and others.

  3. Google Cloud: Databricks on Google Cloud supports compliance standards like HIPAA, PCI-DSS, and others.

In addition to the compliance standards you mentioned (HIPAA, IRAP, PCI-DSS, FedRAMP High, FedRAMP Moderate, UK Cyber Essentials Plus, and CCCS Medium (Protected B)), Databricks on Azure and Google Cloud also supports other compliance standards. Here are some additional compliance standards supported by Databricks on these platforms:

Azure

  1. ISO/IEC 27001:

    • An international standard for information security management systems (ISMS).
  2. SOC 2 Type II:

    • A report on controls relevant to security, availability, processing integrity, confidentiality, and privacy.
  3. GDPR (General Data Protection Regulation):

    • A regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.
  4. C5 (Cloud Computing Compliance Criteria Catalogue):

    • A standard defined by the German Federal Office for Information Security (BSI) for cloud security.

Google Cloud

  1. ISO/IEC 27017:

    • A code of practice for information security controls based on ISO/IEC 27002 for cloud services.
  2. ISO/IEC 27018:

    • A code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors.
  3. SOC 1 Type II:

    • A report on controls relevant to financial reporting.
  4. SOC 3:

    • A general use report on controls relevant to security, availability, processing integrity, confidentiality, and privacy.

Databricks ensures that its platform meets the necessary security and compliance requirements across these cloud providers, making it a versatile choice for organizations with diverse compliance needs.

#Compliance #DataSecurity



Regards,
Hari Prasad