Beginning your General Data Protection Regulation (GDPR) Journey
It’s challenging to stay ahead of the curve when it comes to regulations. But in May 2018, an important law will take effect that you need to know about: The General Data Protection Regulation (GDPR). It protects and enables people’s privacy rights. In this article we give you a short presentation of what the GDPR is, why you should care, the key implications and how you should prepare. Thankfully, Microsoft has also produced an in-depth white paper that interprets the GDPR; find the white paper at the end of this article.
What is the GDPR?
It’s a European law that sets a new global bar for privacy rights, security, and compliance. The GDPR imposes rules on organizations that offer goods and services to people in the EU (or that collect and analyze data tied to EU residents)—no matter where those businesses are located. It establishes strict worldwide privacy requirements that govern how personal data is managed and protected, regardless of where that data is sent, processed, or stored.
Why should you care?
The complex law is impactful because it will require profound changes by organizations worldwide—including yours. It could require significant changes in how you gather, use, and manage personal data. It affects companies, government agencies, non-profits, and other organizations.
Key implications of the GDPR
For EU citizens, the law ensures that people have the right to access their personal data, correct any inaccuracies, erase data, object to processing of their personal data, and move their data. It’s all about enhancing personal privacy rights.
And for organizations? More responsibility and accountability for protecting personal data, and mandatory reporting in the case of a personal data breach. Any breach that poses a risk to people’s rights and freedoms must be quickly reported to supervisory authorities. As such, the GDPR can have a significant impact on your business. You’ll probably need to update company privacy policies; strengthen data protection protocols and breach-notification procedures; initiate more transparent data management policies; and invest in additional training and IT solutions.
The law takes effect on May 25, 2018
The GDPR actually became law in the EU in 2016, but a two-year transition period was included so that organizations would have enough time to become fully compliant. So, May 2018 is what you need to plan for. ASAP.
What is Microsoft doing to prepare for the GDPR?
Microsoft is committed to being GDPR compliant across their cloud services when the law takes effect. In their white paper, they share clear steps that organizations can take to start their own journeys towards GDPR compliance. And Microsoft Windows 10 can effectively help address some of the GDPR requirements.
Read the Microsoft white paper
We strongly recommend that you take time to read the 31-page white paper; find it here: Beginning_your_GDPR_Journey. You’ll gain a deeper understanding of what your organization needs to do to achieve the privacy goals set out in the GDPR. You can accelerate GDPR compliance with the Microsoft Cloud, and partner with Microsoft to take action and ensure compliance. But as with all legal matters, you should also work with legal professionals to learn how the law applies specifically to your organization and how you can best ensure compliance. So get started: reading the Microsoft white paper is a smart first step.