Achieving compliance with the General Data Protection Regulation (GDPR), the new data privacy law from the European Union (EU), is not a one-time activity but is an ongoing process. When the GDPR goes into effect on May 25, 2018, individuals will have greater control over their personal data. Additionally, the GDPR imposes new obligations on organizations that collect, handle, or analyze personal data. Implementing the right processes and organizational changes to comply with the GDPR will not be an easy task, but Microsoft is here to help. With 10 chapters, 99 articles, and 160 requirements the GDPR is a complex law, and implementing all this will be a challenge, so Microsoft has created a highly detailed guide.
Our colleagues from Microsoft France recently published a detailed implementation guide,GDPR - Get organized and implement the right processes, available in bothEnglishandFrench. The guide provides customers with a methodology for creating and executing a GDPR compliance program in their organization. It describes the necessary steps for achieving GDPR compliance through a plan, do, check, act (PDCA) approach using Microsoft Cloud services such as Azure, as shown in the diagram below.