A question was asked yesterday at my presentation about Salesforce and privacy of the data in Australia. Richard from the US pointed out some facts that turned out to be incorrect – I’ve spoken with Salesforce themselves and here’s the response:
There are numerous government agencies, financial institutions and health providers in Australia storing customer information with Salesforce who have validated we enable them to comply with privacy legislation relevant to their industries.
– Trust is salesforce.com’s number one value as a company, and privacy and security are integral to the company’s trust mission.
– Salesforce.com complies with applicable Australian privacy laws in providing the salesforce.com services to customers, including:
- The Privacy Act, including:
- The National Privacy Principles
- The Information Privacy Principles
- APRA guidance on outsourcing and off-shoring
– Salesforce.com’s privacy certifications include:
- EU/U.S. Safe Harbor
- TRUSTe Privacy Seal + Safe Harbor Seal
- TUV German privacy certification
- Japanese privacy certification
– Salesforce.com’s security audits and certifications include:
- IS0 27001
- SAS 70 Type II/SSAE 16
– Salesforce.com assists customers’ efforts to comply with requirements they’ve determined to be applicable to their use of the salesforce.com services by offering a robust set of customer-controlled privacy and security features that can be implemented.
– There are additional resources available to customers: Security Implementation Guide, Trust website.
Pingback: NSW Government Agencies Back Cloud / Software as a Service | appiBoss