Published: 3 May 2017

Reading time: About 2 minutes

Microsoft has committed to General Data Protection Regulation (GDPR) compliance across all Cloud services when the EU data privacy regulation comes into play on May 25th 2018. However, the company also advises that organisations will still need to take action to avoid penalties.

When GDPR comes into force next year, organisations that process data related to any citizen living within the EU will be required to comply with the regulation. GDPR will apply to companies located anywhere in the world, not just those in the EU.

Brendon Lynch, Microsoft`s Chief Privacy Officer, called GDPR “the most significant change to European Union (EU) privacy law in two decades,” In the blog post, he also notes that “Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR-compliant across our cloud services when enforcement begins on May 25, 2018.

Although Microsoft’s commitment to a GDPR-compliant Cloud will give organisations confidence, moving operations to Cloud services will be only part of the solution for companies aiming to achieve EU GDPR compliance. “While Microsoft is committed to helping you successfully comply with the GDPR, it is important to recognize that compliance is a shared responsibility,” Lynch wrote. GDPR compliance will require companies to take steps to meet the regulation`s new requirements, including “greater data access and deletion rules, risk assessment procedures, a data protection officer role for many organizations and data breach notification processes.”

In previous posts, we have identified the steps organisations should be taking to prepare for the incoming GDPR regulation. With less than 15 months to go, it makes sense to begin these preparations now. Get in touch with Automated Intelligence to get a better understanding of your data. We can help you discover how best to get ready for GDPR.