Last year, the new General Data Protection Regulation (GDPR) was introduced by the European Union. The General Data Protection Regulation will enable people to better control their personal data. At the same time modernised and unified rules will allow businesses to make the most of the opportunities of the Digital Single Market by cutting red tape and benefiting from reinforced consumer trust. Microsoft today announced that they are committing to be GDPR compliant across their cloud services when enforcement begins on May 25, 2018. Microsoft highlighted the below key things which you can expect from them in 2018,
- Technology that meets your needs – You can leverage our broad portfolio of enterprise cloud services to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to processing of personal data. Furthermore, you can count on our extensive global partner ecosystem for expert support as you use Microsoft technologies.
- Contractual commitments – We are standing behind you through contractual commitments for our cloud services, including timely security support and notifications in accordance with the new GDPR requirements. In March 2017, our customer licensing agreements for Microsoft cloud services will include commitments to be GDPR compliant when enforcement begins.
- Sharing our experience – We will share Microsoft’s GDPR compliance journey so you can adapt what we have learned to help you craft the best path forward for your organization.
Microsoft also mentioned that even customers have their own responsibilities to comply with the GDPR. There are new requirements like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes.
Read more about it here.