Microsoft is serious about earning your trust as shown through their contractual commitments to the General Data Protection Regulation.
Easy Cloud in Partnership with Microsoft is here to help
Please have a look at Microsoft’s white paper How Microsoft Azure Can Help Organizations Become Compliant with the EU General Data Protection Regulation to gain an understanding of how your organization can use currently available features in Azure to optimize your preparation for GDPR compliance. We are here to help you with your compliance efforts in the face of the coming EU law.
May 25, 2018: a new era begins for data privacy
On this date in a little less than a year, the new European Union (EU) data protection law will be implemented, replacing the old Data Protection Directive, which has been in effect since 1995. The new law, known as the General Data Protection Regulation (GDPR), gives individuals greater control over their personal data and imposes many new obligations on organizations that collect, handle, or analyze personal data.
This is what we do
Easy Cloud and Azure has developed a tradition of compliance which gives our customers the tools they need to comply with complex regulations. Our attention to, and preparation for the impact of GDPR continues to show how we equally prioritize the best cloud technology with the best compliance offerings.
Additional information about how Microsoft helps you to fulfill specific GDPR requirements are available at the GDPR section of their Microsoft Trust Center.
Recommended Tools
- Azure Active Directory (Azure AD)
- Azure AD Privileged Identity Management
- Azure Information Protection
- Service Trust Portal
- Compliance Manager
- Azure Security Center
- Enterprise Mobility + Security
Additional Steps to Ensure GDPR Compliance
[one-half-first]
Personal privacy
Individuals have the right to:
- Access their personal data
- Correct errors in their personal data
- Erase their personal data
- Object to processing of their personal data
- Export data
[/one-half-first]
[one-half]
Controls and notifications
Organizations will need to:
- Protect personal data using appropriate security
- Notify authorities of personal data breaches
- Obtain appropriate consents for processing data
- Keep records
[/one-half]
[one-half-first]
Transparent policies
Organizations are required to:
- Provide clear notice of data collection
- Outline processing purposes and use cases
- Define data retention and deletion policies
[/one-half-first]
[one-half]
IT, training and processes
Organizations will need to:
- Train privacy personnel and employees
- Audit and update data policies
- Employ a Data Protection Officer (if required)
- Create and manage compliant vendor contracts
[/one-half]