As the GDPR looms, Microsoft and Tech Data help to clear the fog for your business by answering your burning questions surrounding this intimidating regulatory change.
Invezz.com - Grow your wealth with trading signals
"If we're leaving the EU, does GDPR even matter?" And other FAQs
1. ”If we’re leaving the
EU, does GDPR even
matter?” And other FAQs
Microsoft and Tech Data help you and your
customers to cut through the surplus of GDPR
jargon and address the most prevalent issues
of public concern head on.
2. While GDPR was devised and published in 2016,
regulatory conduct in the UK still abides by the 1998
Data Protection Act 1998, while other members of
the EU still abide by the 1995 EU Data Protection
Directive. On 25 May 2018, GDPR will come into
immediate effect, superseding all the data laws of old.
3. Concern surrounding the complexities
of GDPR continues to grow, and while
many are not wrong in believing that
they have a significant transitionary
period immediately ahead of them, they
needn’t be intimidated by it.
4. Microsoft and Tech Data are committed to
guiding you through this impending change
using both our expertise across data and
compliance, and the far-stretching capabilities
of the Microsoft suite. We address the
concerns surrounding this legislatory sea
change below, so you can be in the position to
help your customers prepare for the new law.
7. The Data Protection Act
was implemented under an
EU directive and GDPR is
effectively an update and
extension of this law, so the
ICO will essentially be doing
what it always has done, only
with bigger potential fines.
10. Any business that sells
to the EU will need to
meet GDPR regulations,
and those that don’t will
risk being sanctioned
and potentially banned
from providing goods and
services to Europe.
11. In this situation, the say of the ICO is
final, and regardless of the UK’s shaky
EU membership status, they will ensure
that the UK is not exempt from it.
12. WHAT IF MY ORGANISATION
TRANSFERS DATA TO
COUNTRIES OUTSIDE OF
THE EU?
13. The GDPR strictly
regulates transfers
of personal data of
European residents
to destinations
outside the European
Economic Area.
14. In order to continue
transferring data to clients
abroad, you may need
to set up or adhere to a
specific legal mechanism
or contract in order to
enable these transfers.
15. IF MY BUSINESS USES A
VENDOR TO PROCESS
PERSONAL DATA, WHAT
DO I NEED TO KNOW?
16. The GDPR requires controllers to only
use processors that guarantee they will
‘implement appropriate technical and
organisational measures’.
17. This means ensuring the
rights of data subjects
are protected and the
processing requirements of
the GDPR are satisfied.
In the context of enterprise
online services such as
Enterprise Mobility +
Security (EM+S), Microsoft
is a processor and your
customers become the
controller.
18. Among other things, the
GDPR Terms commit that
Tech Data and Microsoft
will only process data
in accordance with a
controller’s instructions.
19. Microsoft’s broad portfolio of enterprise cloud
services – across Dynamics and EM+S to Azure,
Office 365 and Windows 10 – will support your
customers in meeting GDPR regulations regarding
deletion, rectification, transfer of, access to, and
objection to processing of personal data.
20. You can count on Tech Data’s
long-standing relationship
with Microsoft and its expert
support as you sell Microsoft
technologies to your customers.
21. SO WHAT WILL
HAPPEN IN THE EVENT
OF A DATA BREACH,
OR INFORMATION
BEING LEAKED?
22. The GDPR defines a ‘personal
data breach’ as ‘a breach of
security leading to the accidental
or unlawful destruction, loss,
alteration, unauthorised of,
or access to, personal data
transmitted, stored or otherwise
processed’.
23. In the event of a personal data
breach, the GDPR requires
notice to regulators within
72 hours of detecting the
breach. Your customers may
also need to notify affected
individuals if there is a
significant risk of harm due
to the breach.
72
HOURS
24. If an organisation does lose any
EU resident’s PII, the ICO will take
into consideration the processes,
workflows and security it has
put in place to protect the EU
resident’s PII when determining
the size of the fine.
26. Granted you partner up with
the right software vendor, this
will help you immeasurably
in setting your customers
on the right road to meeting
GDPR requirements.
27. With the most comprehensive set
of compliance and security offerings
of any cloud provider and a vast
partner ecosystem, Microsoft and
Tech Data are more than equipped
to support your customers on their
GDPR journey and beyond.
29. Rather than assessing
individual technologies
and solutions against a
comprehensive regulation
such as the GDPR, Microsoft
and Tech Data would
recommend adopting a
platform-centric view.
30. Here are just some example platforms
that Microsoft offer:
Exchange
Office 365 Dynamics 365
Windows Microsoft SQL
Server
SharePoint
Azure
31. Focusing on your customer’s
compliance will provide them
with a clearer path to ensure
they’re adhering to GDPR
regulations, but also with
other regulatory measures
that may be specific to your
organisation or particular
business model.
32. We hope this piece has worked to cover
any areas of concern you may have had
surrounding GDPR that weren’t covered in
our initial ‘need-to-know’ blog.
33. Takeaways
GDPR is enforced by the Information
Commissioner’s Office (ICO), who will
essentially be doing what it always has
done, only with bigger potential fines
(up to 4% of global turnover or €20 million,
whichever is greater).
These data laws go much wider than the
UK and its EU membership status. Any
business that sells to the EU will need to
meet GDPR regulations. Those that don’t
risk being sanctioned.
34. Businesses that transfer data to
countries outside of the EU may need
to set up or adhere to a specific legal
mechanism or contract.
In the event of a personal data
breach, the GDPR requires notice to
regulators within 72 hours of detecting
it. Individuals may have to be notified if
there is a risk of harm.
35. Explore Microsoft and Tech
Data’s rich suite of resources
and capable of securing your
operations and boosting your
long-term sales performance.
VISIT NOW