With roughly 160 requirements, the complexities of the GDPR could have far-reaching impacts to how you gather, use, and manage data. For companies that need to comply with GDPR, this regulation signifies more than just updating policies. It is a new responsibility that must be upheld across all levels of the business. If your organization collects and analyzes data tied to EU residents, no matter where they are, the countdown to May 2018's deadline for GDPR compliance is on.
Key elements of the GDPR include ensuring individuals have enhanced rights to their data; increased responsibility for protecting data; mandatory data breach reporting; and steep sanctions for non-compliance. At Microsoft, we see these elements manifest as an organization's need for scalable solutions to protect sensitive information. Your platforms should aid your organization's ability to answer three questions about sensitive data: who has it, where is it, and what is being done with it?
It will take time to become compliant, but knowing where to begin can help you make progress. To get started, we recommend you focus on three key steps.
Assess your compliance risk by determining what personal data you have, where it resides, and govern how it is used and accessed
Manage and protectpersonal data to help prevent data leaking inside or outside your organization
Classify and label data so that persistent protection and governance policies can be applied for sensitive data
Identify and encrypt documents containing personal data located across your entire business ecosystem
Place restrictions on files that match specific personal data types or match keyword queries
Streamline the reporting process on personal data within your organization for visibility into how it is labeled and protected
Leverage logs and reports to analyze how sensitive data is distributed, including document tracking and revocation for users and admins
We understand that organizations with GDPR responsibilities will have additional needs to demonstrate compliance, and we are investing in tools to help you achieve those goals.
Watch this free on-demand webcast 'Protect personal data for GDPR with Microsoft 365', and learn how Microsoft 365 can help you quickly identify personal data and create policies to better safeguard against leakage. Tune in and learn how you can take control of your GDPR compliance journey.