Office 365 receives FedRAMP Authority to Operate (ATO) from HHS OIG

We are pleased to announce that Microsoft Office 365 has been granted FedRAMP Authority to Operate (ATO) by the Department of Health and Human Services Office of the Inspector General (HHS OIG). Office 365 is a multi-tenant cloud that includes government specific instances of services such as Exchange Online, SharePoint Online and Lync Online.  Government-specific instances of Office 365 services are designated for use solely by U.S federal, tribal, state and local government customers, and Federally Funded Research and Development Centers (FFRDCs).

Office 365 has completed testing against the stringent set of FedRAMP requirements, based on NIST 800-53, by Dynamic Research Corporation, a FedRAMP accredited Third Party Assessment Organization (3PAO).  The HHS OIG authorization further validates Office 365 security at the Moderate impact level to store, process and protect sensitive government data.

Read the rest of the announcement and find an FAQ here: https://blogs.office.com/2014/11/20/office-365-receives-fedramp-authority-operate-ato-hhs-oig/