Sharing new customer resources for EU’s General Data Protection Regulation

Microsoft on ‘Trust, Privacy and the GDPR’ – webinar replay available now

Meeting the requirements of the European Union’s landmark General Data Protection Regulation (GDPR) by May 25, 2018 is a pressing topic for many organizations worldwide. In our effort to provide customers with helpful GDPR compliance resources, we hosted a GDPR webinar with a panel of thought leaders earlier this week titled, “Microsoft on Trust, Privacy and the GDPR.” I’ve outlined some highlights from the discussion below. The on-demand video replay is available here.

Microsoft corporate vice president Julia White speaks to four participants during webinar

Microsoft Corporate Vice President Julia White discusses the GDPR with (top row, left) Bojana Bellamy, president of the Centre for Information Policy Leadership; Valerie Abend, Accenture’s Global Lead for Cyber Regulation; (bottom row, left) Angela Saverice-Rohan, EY Americas’ Data Privacy Lead; and Brendon Lynch, Microsoft Chief Privacy Officer.

GDPR webinar highlights

When I announced our commitment to GDPR compliance back in February, I laid out three areas where you can count on Microsoft: to provide technology solutions that help you meet your GDPR needs, to back up our commitments in our contracts, and to share our experiences so that you can plan your own path to GDPR compliance.

In our webinar, Julia White, Microsoft corporate vice president, Microsoft Azure & Security, detailed our progress in helping customers with their journey to GDPR compliance. Julia discussed how the Microsoft Cloud, including Office 365, Dynamics 365, Azure, and Azure data services, Enterprise Mobility + Security, and Windows 10 can help customers on their GDPR compliance journey.  We have also backed up our commitments through our contracts. And, as our webcast demonstrates, we are sharing our experience, and our partners’ experiences, with you along the way.

We are now one year from the GDPR going into effect and we’re hearing from our customers and partners that there is still much work to be done. We hope our webcast is useful and that you will continue to turn to Microsoft to help with your compliance needs.

Addressing GDPR challenges with the Microsoft Cloud

I’ve had an array of conversations with customers about the work they are doing to translate privacy regulations into business practices and technology solutions. It is clear that data is now a critical asset for all organizations, and that the GDPR will drive a transformational shift in how they govern data. Our customers also recognize that their GDPR-prompted data governance investments will help create more agility and support innovation across their organizations.

In the webinar, Bojana Bellamy, president of the Centre for Information Policy Leadership, offered advice to companies still evaluating how to meet their compliance obligations. “As the GDPR raises the privacy bar to a new level, I think cloud computing is going to help many organizations manage their data better and ultimately be more protective for an organization,” Bellamy said. “If they work with the right trusted partners, it will go a long way towards satisfying their GDPR compliance.”

Multinational organizations delivering products and services on a global basis want to deliver a consistent privacy experience for all their customers. That is where the Microsoft Cloud is an optimal solution, helping expedite their journey to GDPR compliance.

A year seems like a long time, but when you consider how much needs to be done by many organizations, the GDPR deadline will be upon us sooner that we realize. As I talk with customers, I have advised them to take a few simple steps to prepare.  First, organizations need to discover where all their personal data resides. Once it has been identified, they then need to carefully think through how that data is accessed, used and managed.  Second, organizations should establish security controls that prevent, detect and respond to breaches and develop procedures to address data requests, report breaches and keep records.

In addition, it is critical to get top management on board now. The requirements of the GDPR span the company. The chief information security officer, privacy team and the business owners of data need to come to a consensus on a thorough strategy. Organizations that take this kind of comprehensive approach today are going to set themselves up for success a year from now.

Supporting your GDPR journey

We understand that one of your biggest challenges in the coming year is adapting to changing privacy regulations. As the GDPR deadline draws near, we will continue to share resources and tools to help you move forward on your path to GDPR compliance.

Keep up to date by visiting our Microsoft Trust Center: The General Data Protection Regulation webpage, which we continue to expand as we address GDPR customer needs and requests. You can also join our security, privacy and compliance forum. There you can discuss GDPR issues with experts from the ecosystem of partners and consulting firms that we collaborate with, and get best practices from Microsoft’s own privacy and security professionals. As Microsoft improves our products to simplify GDPR compliance and prepares our own business for GDPR compliance, we are dedicated to helping our customers do the same.

On behalf of Microsoft, I want to thank, Bojana Bellamy; Valerie Abend, Accenture’s Global Lead for Cyber Regulation; and Angela Saverice-Rohan, EY Americas’ Data Privacy Lead for lending their invaluable GDPR insights to the webinar discussion.  Data governance and protection are shared responsibilities between Microsoft as a technology provider and our partners and customers – we are all on this GDPR journey together.

About the Author

Chief Privacy Officer, Microsoft

Brendon Lynch is the Chief Privacy Officer of Microsoft, where he has global responsibility for Microsoft’s privacy management program, including creating and implementing privacy policy, influencing the creation of privacy technologies and guiding engagement with external stakeholders. Brendon recently served as Chairman of the Board of Directors of the International Association of Privacy Professionals (IAPP). Prior to joining Microsoft in 2004, Brendon spent nine years in Europe and North America with PricewaterhouseCoopers providing privacy and risk management consulting services. Brendon is a Certified Information Privacy Professional (CIPP) and holds a business degree from the University of Waikato, in his home country of New Zealand.