On May 25th, 2018 the European Union will begin enforcing new rules for personal data protection.
These rules, known as the General Data Protection Regulation (GDPR), apply to personal data no matter where it is sent, processed, or stored.
According to Microsoft's Chief Privacy Officer, Brendon Lynch, preparing for these new regulations will not be an easy task.
"While Microsoft is committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it’s not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behavior of, EU residents. As such, it’s important to understand your obligations related to GDPR regardless of where your organization resides."
Lynch states that Microsoft will be GDPR compliant across all of the companies cloud services when that enforcement begins next year.
Those efforts will come across in three key areas:
- Technology that meets your needs – You can leverage our broad portfolio of enterprise cloud services to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to processing of personal data. Furthermore, you can count on our extensive global partner ecosystem for expert support as you use Microsoft technologies.
- Contractual commitments – We are standing behind you through contractual commitments for our cloud services, including timely security support and notifications in accordance with the new GDPR requirements. In March 2017, our customer licensing agreements for Microsoft cloud services will include commitments to be GDPR compliant when enforcement begins.
- Sharing our experience – We will share Microsoft’s GDPR compliance journey so you can adapt what we have learned to help you craft the best path forward for your organization.
Failure to be ready for GDPR by the compliance deadline in May 2018 could result in fines of 20 million Euros ($21.2 million USD) or higher.
Microsoft has established a dedicated GDPR page at their Microsoft Trust Center to help you understand the role Microsoft's cloud services can play in helping you prepare for these new regulations.
Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!