The GDPR, the General Data Protection Regulation, is by far the most significant change to privacy law in the European Union (EU) in two whole decades. Why? Because the GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored.
The GDPR in few words:
- Enhances personal privacy rights
- Increases the duty for data protection
- Consistent rules for everyone
- Significant penalties for non-compliance
Why is GDPR a hot topic
If your organization is compliant with current European law, chances are you are close to being GDPR Compliant. However, due to the extent of the work required to comply with existing law and the negligible impact of non-compliance, many organization have – perhaps unwittingly – ignored the requirements for compliance. So, for many companies, GDPR compliance will require a great effort. However, the similarities to the existing law have led to some arguing that the main difference between existing law and GDPR is the severity of the penalties. Penalties upwards of 4% of a company’s global turnover or €20M – whichever is greater. For global conglomerates, the 4% could be the top parent entity’s total turnover. For smaller companies it means they risk having to pay the €20M – not complying means risking crippling penalties.
Getting GDPR compliant with Microsoft Cloud services
As mentioned, complying with the GDPR will not necessarily be easy. To simplify your path to compliance, Microsoft is committing to their principles of cloud trust. In other words, to be GDPR compliant across their many different cloud services when the enforcement starts May 25, 2018.
Microsoft’s commitment to their principles of cloud trust goes across security, privacy, transparency, and compliance. They have a broad portfolio of cloud services that address the security and privacy demands of all their customers and customers include over 90 percent of Fortune 500 companies. With this large customer database, Microsoft actually has the largest amount of personal data in the world due to all their consumer services.
What you can expect from Microsoft when the GDPR takes place:
- Technology that meets your needs – Microsoft has a broad portfolio of cloud services that are compliant with the GDPR obligations. This includes areas as deletion, rectification, transfer of, access to and objection to processing of personal data. AlfaPeople can help you with expert support, when implementing Microsoft cloud technologies.
- Contractual commitments to GDPR – Microsoft’s customer licensing agreements for cloud services include a commitment to GDPR compliance and both Microsoft and AlfaPeople will help you through contractual commitments for cloud services, including timely security support and notifications in accordance with the new GDPR requirements.
- Sharing the experience – Microsoft will share the experiences they get, so you can adapt what we have learned to help you see the best path forward for your organization.
GDPR compliance is not made over night
Both Microsoft and AlfaPeople can help you a long way to get GDPR compliant, but the journey also requires you to take your own organizational actions. Unfortunately, it’s not possible to buy a complete system, product or service that makes you GDPR compliant. The right technology can assist you in getting to compliance & the right platform can make compliance a much more accessible task! Microsoft Dynamics 365 is a safe choice in this matter.
With the GDPR there will be new requirements to address. For example, greater data access and deletion rules, risk assessment procedures, implementation of a Data Protection Officer role and data breach notification processes. These changes will mean changes for your organization. Also, it is important to remember that it’s not just European organizations that are affected. Also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behavior of EU residents. As such, it’s important to understand your obligations related to GDPR regardless of where your organization resides.
A failure to get GDPR compliant could be a costly affair. Companies that do not meet the requirements may face reputational harm and substantial fines of 20 million euros, or 4 percent of annual worldwide turnover, whichever is greater.
How AlfaPeople can help you getting GDPR compliant
AlfaPeople is a Gold Microsoft Partner and Cloud CRM Partner of the Year in Denmark. We will strive to help our customers getting GDPR compliant. We are used to working with large, international projects within CRM and ERP, more precisely Microsoft Dynamics 365 solutions. These solutions often involve a great amount of personal information, security demands and Change Management. Thus, our experience makes us able to understand how the GDPR requirements need to be addressed.
AlfaPeople can help you get ready for the GDPR with a 3-step approach involving assessment and analysis of processes supported by the Microsoft Dynamics 365 platform. With a thorough analysis, we can provide customers with actionable insights into areas and processes affected by the GDPR, and subsequently help to prioritize, plan and implement actions which are found to be necessary to achieve GDPR compliance.
To get more information about how AlfaPeople can help you and your company getting ready for the GDPR – don’t hesitate to contact us.