How to get your Company GDPR compliant with the Microsoft Cloud

The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades. The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed, or stored. Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018.

GDPR is part of our holistic cloud compliance investments

We are committed to our principles of cloud trust across security, privacy, transparency and compliance. We have a broad portfolio of cloud services that address the rigorous security and privacy demands of our customers, who comprise over 90 percent of Fortune 500 companies. As the GDPR enforcement begins, here is what else you can expect from us:

  • Technology that meets your needs – You can leverage our broad portfolio of enterprise cloud services to meet your GDPR obligations for areas including deletion, rectification, transfer of, access to and objection to processing of personal data. Furthermore, you can count on our extensive global partner ecosystem for expert support as you use Microsoft technologies.
  • Contractual commitments – We are standing behind you through contractual commitments for our cloud services, including timely security support and notifications in accordance with the new GDPR requirements. Our customer licensing agreements for Microsoft cloud services now include commitments to be GDPR compliant on May 25, 2018.

While OnPar Technologies is committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility. New requirements – like greater data access and deletion rules, risk assessment procedures, a Data Protection Officer role for many organizations and data breach notification processes – will mean changes for your organization. When it comes to GDPR compliance, it is not just European organizations that are affected, but also those outside of the EU who process data in connection with the offering of goods and services to, or monitoring the behavior of, EU residents. As such, it is important to understand your obligations related to GDPR regardless of where your organization resides.

It will take time, tools, processes, and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices. And failure to do so could prove costly – as companies that do not meet the requirements could face reputational harm and substantial fines of 20 million euros, or 4 percent of annual worldwide turnover, whichever is greater.

The Microsoft Cloud can help

With the most comprehensive set of compliance offerings of any cloud service provider, the Microsoft Cloud through OnPar is here to support your compliance initiatives. Our commitment to privacy is proven by our actions. Microsoft was the first enterprise cloud services provider to implement the rigorous controls needed to earn approval for our contractual model clauses governing the transfer of data outside of European Union. We were the first cloud provider to achieve compliance with ISO’s important 27018 cloud privacy standard. Microsoft Azure has 53 major certifications and attestations – more than any other major public cloud provider.

When it comes to security, Microsoft's unique visibility into the evolving threat landscape can also help protect the data that moves through your systems. Our cloud footprint includes over 100 datacenters and more than 200 cloud services. We are investing over $1 billion annually in security and using our global insights to identify threats and protect your data.

This focus on privacy and security reflects the belief that our business relies on the trust of our customers, and we work hard to earn that trust. That is why OnPar and Microsoft is committing to be GDPR compliant across our cloud services.

Visit the GDPR webpage on our new Microsoft Trust Center website to learn more about how the features and functionality of Azure, Dynamics 365, Enterprise Mobility + Security, Office 365 and Windows 10 will enable you to meet the GDPR’s requirements.