In a rush..
Microsoft has updated its SSPA requirements. Suppliers who are part of the SSPA program are now required to be assessed (self or independent) against the new version 10 data protection requirements (DPRs).
One of the most significant differences from version 9 is the introduction of DPRs targeted at artificial intelligence (AI). Section K, ‘AI Systems’, has seventeen new requirements.
If you are a Microsoft supplier, and you provide services to Microsoft involving ‘AI Systems’, including using tools, systems, or platforms with AI Technology to train and build intelligent systems to create entirely new content such as images, sounds, videos, insights, analysis, and/or text, you will need to address Section K.
This supplier profile requires that you have specific AI Systems terms in place with Microsoft. It automatically triggers the requirement for an independent assessment of compliance.
Call us for more in depth guidance.