First published on MSDN on May 24, 2017
Data privacy and data security have become one of the most prominent topics in organizations in almost every industry across the globe. New regulations are emerging that formalize requirements around these topics, and compel organizations to comply.
The upcoming EU Global Data Protection Regulation (GDPR) is one of the most noteworthy of these new regulations.
The GDPR takes effect on May 25, 2018 and sets a new global bar for privacy rights, security, and compliance. It mandates many requirements and obligations on organizations across the globe. Complying with this regulation will necessitate significant investments in data handling and data protection for a very large number of organizations.
Microsoft SQL customers who are subject to the GDPR, whether managing cloud-based or on-premises databases or both, will need to ensure that qualifying data in their database systems is aptly handled and protected according to GDPR principles. This means that many customers will need to review or modify their database management and data handling procedures, especially focusing on the security of data processing as stipulated in the GDPR.
A new whitepaper published today gives Microsoft SQL customers technical guidance for how to approach GDPR compliance with Microsoft SQL technologies. It outlines a methodical, phased approach to reaching compliance within the IT infrastructure, and details Microsoft SQL built-in technologies that can assist at the data tier layer along the way.
We hope you will find this information useful, and we affirm Microsoft's commitment to supporting customers in their data privacy and security initiatives, including compliance with the GDPR and other relevant directives and regulations.