Microsoft is planning to be GDPR compliant across its cloud services by the deadline of May 25, 2018, and will be holding workshops and webinars to help its customers and partners meet the fast-approaching date.
GDPR will require many companies headquartered outside of the EU to comply with European data protection rules, and many businesses are still unprepared. Microsoft is calling on its customers and partners to understand their obligations related to GDPR as “compliance is a shared responsibility.”
“The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades,” Microsoft chief privacy officer Brendon Lynch said in a blog post. “The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored.”
Lynch said that customers can leverage Microsoft’s cloud services to help meet GDPR obligations and “can count on our extensive global partner ecosystem for expert support as you use Microsoft technologies.”
Starting next month, Microsoft’s customer licensing agreements for its cloud services will include commitments to be GDPR compliant when enforcement begins.
According to Lynch, Microsoft will share its GDPR compliance journey to help its customers in navigating their own GDPR compliance strategies.
“It will take time, tools, processes and expertise for you to comply with the GDPR. To do this, you need to make changes to your privacy and data management practices,” Lynch said. “And failure to do so could prove costly – as companies that do not meet the requirements could face reputational harm and substantial fines of 20 million euros, or 4 percent of annual worldwide turnover, whichever is greater.”