How to get GDPR compliant with Microsoft

  • Article

By Alex Bennett, Firebrand Training

When the EU’s GDPR (General Data Protection Regulation) is introduced this year, the bar for data privacy protection in the UK will be raised.

For thousands of businesses GDPR highlights daunting issues of compliance. Organisations that fail to comply with the regulation will face massive fines: up to £17 million or four percent of global revenue, whichever is higher.

The May 25, 2018, deadline for GDPR compliance is drawing closer but many businesses, including some Microsoft Partners and customers, are unsure where to begin. Businesses cannot afford to waste time in GDPR preparation. Likewise, Microsoft Partners cannot waste the opportunity to help their customers get compliant.

Microsoft has released a set of assets that will help businesses and Microsoft partners achieve GDPR compliance. Let’s take a look at the new resources (and some older ones which deserve a mention).

GDPR Assessment: Are you ready for the GDPR?

Microsoft released a comprehensive online GDPR assessment. The multiple choice assessment is geared towards helping organisations review their overall level of GDPR readiness.

Complete the assessment and your business will receive a grade alongside a summary of your preparedness. You'll also get detailed guidance on how GDPR will affect your business, including the supporting Microsoft technologies and features that could be leveraged to help achieve compliance.

Partners can also download the accompanying GDPR Detailed Assessment, intended to be used by Microsoft partners to assist customers in assessing their journey to GDPR readiness. The GDPR Detailed Assessment is also accompanied by supporting materials to assist partners in facilitating customer GDPR assessments.

GDPR Compliance Demos

Microsoft has also introduced a GDPR product demo for Microsoft 365 Enterprise, showcasing features for GDPR compliance. The current demo begins with a video introduction, an interactive scenario and a hands-on demo designed for technical teams going deeper. You can access it here.

There’s no official word from Microsoft but we might expect to see more compliance demos on other Microsoft products going forward.

GDPR Activity Hub

This is one for the techies - the GDPR Activity Hub is an open source project from Microsoft that acts a starting point for building a management hub for implementing GDPR.

The goal of this project, states Microsoft, is “to give customers and partners something to play with in order to keep track of all the fundamental events, requests, tasks and activities required to be compliant with the GDPR.”

The fundamental goal of this project is to show how businesses can use Microsoft technology, like SharePoint, Office UI Fabric and Office 365, to easily build GDPR solutions.

You can download the GDPR Activity Hub on GitHub now.

Resources for partners

There are also a wealth of resources that support Microsoft partners in making the most of GDPR as a market opportunity. As well as those previously mentioned, which are equally applicable for partners, Microsoft have also introduced the following:

Prepare for GDPR

Microsoft is committed to helping customers achieve GDPR compliance and have committed that their technology will be GDPR compliant by May 2018.

This pledge, alongside new GDPR resources, will help assure businesses on their road to compliance. But to be fully compliant in time for GDPR, businesses will also need to invest in skilling-up their staff and nominating their designed Data Protection Officer.

Whilst Microsoft does not provide any GDPR specific training, organisations that need to also skill up their employees can turn to third-party training providers for GDPR training. Combined with Microsoft’s resources, you’ll help ensure your business is ready by May 25, 2018.