The General Data Protection Recovery Act, or GDPR, is a new regulation that goes into effect on May 25, 2018. In a nutshell, this new regulation is designed to help protect personal information of all European Union (EU) citizens. The basic idea is that EU citizens can request to know what personal information you have, request for data to be deleted, and enforce rules for companies that have or store EU citizens’ data to be responsible and report data breaches. Violations of these new policies can result in fines up to 4% of your company’s annual revenue.
If I don’t have your attention yet, let me ask you a few simple questions:
- Do you employ any EU citizens?
- Do you do business with any companies or citizens that are based in any EU country? (web, purchases, sales, etc.)
- Do you have offices or operations in any EU countries?
If you answered yes to any of these questions, then your organization may be at risk to follow these new regulations or face steep fines for lack of compliance.
Let’s say you still are not sure if these rules should apply to you and your organization. Microsoft has a free assessment you can take online here to help you determine if your organization is at risk.
Now, let’s suppose you are at risk or you have taken this assessment and realize that you may be at risk. What should you do next? For starters, you have until May 25, 2018 to get compliant. The good news is that Microsoft has a variety of tools to help you understand the requirements and to get started on your GDPR compliance journey. If you are using Office 365, Dynamics 365, or earlier releases of Dynamics AX, you may already be aware that personal information is available all over the system and may be available in many places outside of your system. Here are some tools you can use to start learning about GDPR and getting started on your compliance journey.
- Microsoft Trust Center – GDPR Resources
- Microsoft Whitepapers about GDPR
- Microsoft Docs Site Resources for GDPR
- Microsoft Dynamics 365 for Finance and Operations Guidance on GDPR
We understand that this might be confusing and overwhelming. To assist you even further, RSM offers a variety of services to help you get up to speed on these GDPR issues including but not limited to:
- Assessing your risk for GDPR compliance
- Implementing Microsoft technologies to help you become compliant with GDPR regulations
- Assessing infrastructure to help you determine where the sensitive data may be stored
Want to learn more? Contact our Microsoft Dynamics experts at RSM (855) 437-7201.
By: Rachel Profitt