This post was authored by Induprakas Keri, Chief Product Security Officer
We are pleased to announce that Xi Cloud services and Clusters have achieved ISO 27701:2019 Privacy Information Management System (PIMS) certification. ISO 27701 is considered to be the first internationally recognized privacy certification and is the privacy extension of the ISO 27001 security management standard. ISO 27701 builds upon the same 27001 requirements, controls, and objectives associated with the collection and processing of personally identifiable information (PII) and other types of personal data consistent with the General Data Protection Regulation (GDPR).
These privacy controls are implemented and maintained through a PIMS. The Nutanix Xi Cloud PIMS, which is comprised of Xi Leap, Xi Beam, Xi Epoch, Xi Frame, Xi IoT, Xi Insights, Xi File Analytics, and Clusters has received an accredited ISO/IEC 27701:2019 certification as a data processor and data controller. Coalfire issued this certification against the rigorous requirements, the details of which can be found on Nutanix Trust Portal.
A PIMS is a collection of processes, technology, and people that assist an organization with protecting personal data. The PIMS serves as a top-down management view of data privacy and provides guidance on how to implement and manage privacy controls for organizations serving as a data controller and/or data processor. For an organization to have a compliant PIMS, they must also have a compliant Information Security Management System (ISMS).
Nutanix’s PIMS provides customers with clear roles and responsibilities in protecting personal data and a template to reduce the time and cost associated with implementing privacy controls. A PIMS also improves the effectiveness of business relationships where personal data is shared across industries and country borders.
Privacy is becoming increasingly important in the cloud computing industry. Achieving this certification of Nutanix PIMS demonstrates to our customers that our products include processes and operations that are validated through independent testing and support compliance with related privacy laws and legislation, including the GDPR and California Consumer Privacy Act (CCPA).
This certification aligns Nutanix PIMS with the ISO standard for privacy, broadening our enterprise cloud story by establishing priorities and commitment to our customers around security, compliance, and privacy.
2020 Nutanix, Inc. All rights reserved. Nutanix, the Nutanix logo and the other Nutanix products and features mentioned on this post are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. All other brand names mentioned on this post are for identification purposes only and may be the trademarks of their respective holder(s). This post may contain links to external websites that are not part of Nutanix.com. Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site.