SUPPORT FOR GDPR COMPLIANCE
Microsoft’s modern workplace solutions empower organisations to do more while knowing that the apps, services
and devices they use every day are helping them stay compliant.
The EU General Data Protection Regulation (GDPR) came into effect in May 2018. Its purpose is to give individuals more control over their personal data. GDPR applies to organisations – of any size, anywhere – that sell goods in the EU or process the data of individuals in the EU.
GDPR demands that organisations take appropriate measures to prevent unauthorised access to their customers’ data, and there are heavy financial penalties for breaches. Despite this, many enterprises remain non-compliant, putting their customers and licence to operate at risk.
GDPR defines personal data as “any data that relates to an identified or identifiable natural person”. This may include information stored in customer databases, feedback forms, email content, photographs or video, loyalty programmes or HR records. Because personal data can exist in many different locations, creating a thorough inventory is a significant challenge. Microsoft modern workplace solutions include tools and services to simplify and streamline the process.
The next step is to develop and implement a data governance plan. This should define policies, roles and responsibilities regarding the access, management, storage, transit and use of personal data in compliance with GDPR. While setting up robust data governance extends beyond technological solutions, Microsoft products come with built-in features that can support the development process.
GDPR demands that organisations take appropriate technical measures to protect personal data. If a breach does occur, organisations are required to inform relevant authorities within 72 hours, and in some cases individual subjects must also be notified. In this environment, organisations can benefit by having the capabilities to quickly detect and remediate intrusions before they become a serious problem. Microsoft’s comprehensive security solution combines secure cloud infrastructure and product-based features to help ensure that all these requirements are met.
GDPR raises the standards on transparency, accountability and record-keeping. Organisations need to be ready to demonstrate how they use personal data, as well as their processes for collecting, storing, transporting and destroying sensitive information. Microsoft’s modern workplace solutions incorporate a number of tools and services to help organisations reassure their customers.