Microsoft Corporation

Presentation transcript:

GDPR – Coming Soon!
Microsoft Corporation

Providing clarity and consistency for the protection of personal data

The General Data Protection Regulation (GDPR) imposes new rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where they are located.

- Enhanced personal privacy rights
- Increased duty for protecting data
- Mandatory breach reporting
- Significant penalties for non-compliance

Goes into effect May 2018

© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Envision 2016

What are the key changes with the GDPR?

Personal privacy
Individuals have the right to:
- Access their personal data
- Correct errors in their personal data
- Erase their personal data
- Object to processing of their personal data
- Export personal data

Controls and notifications
- Strict security requirements
- Breach notification obligation
- Appropriate consents for data processing
- Confidentiality
- Recordkeeping

Transparent policies
Transparent and easily accessible policies regarding:
- Notice of data collection
- Notice of processing
- Processing details
- Data retention/deletion

IT and training
Need to invest in:
- Privacy personnel and employee training
- Data policies
- Data Protection Officer (larger organizations)
- Processor/Vendor contract

The Skinny on GDPR for Partners

- Potential Global Impact: The regulation applies to companies that trade products or services with European customers or in the European market. [1]
- Operational Complexity: GDPR policies require privacy-by-design and by-default. Partners can become privacy consultants or implementers to support customers' GDPR journeys.
- Significant Fines: Fines for non-compliance can be "up to 4% of an organization's global revenues or €20 million, whichever is greater. A fine of this magnitude could put many companies out of business." [1]
- Need for privacy professionals: There will be a serious resource shortfall of Privacy Professionals. Professional Services vendors will pick up the slack. [2]

GDPR Resources

Microsoft GDPR Detailed Assessment
<your name>

This presentation is intended to provide an overview of the Microsoft GDPR Detailed Assessment and is not a definitive statement of the law.

The Approach

1. Discover: Identify what personal data you have and where it resides
2. Manage: Govern how personal data is used and accessed
3. Protect: Establish security controls to prevent, detect, and respond to vulnerabilities & data breaches
4. Report: Keep required documentation, manage data requests and breach notifications

Presenter guidance: Use this slide to educate how customers can get started on their journey to GDPR compliance.

Key takeaways: The GDPR contains many requirements about how you collect, store and use personal information. This means not only how you identify and secure the personal data in your systems, but also how you accommodate new transparency requirements, how you detect and report personal data breaches, and how you train privacy personnel and employees.

Given how much is involved, you should not wait until the regulation takes effect in May 2018 to prepare. You need to begin reviewing your privacy and data management practices now. Failure to comply with the GDPR could prove costly, as companies that do not meet the requirements and obligations could face substantial fines and reputational harm.

We recommend companies begin their journey to GDPR compliance by focusing on four key pillars of an effective data protection regime:
- Discover: Identify what personal data you have and where it resides.
- Manage: Determine how personal data is used and accessed.
- Protect: Establish security controls to prevent, detect, and respond to vulnerabilities and data breaches.
- Report: Execute on data requests, report data breaches, and keep required documentation.

Assessment Opportunities

- Identify GDPR compliance gaps
- Identify maturity along key GDPR scenarios
- Customer education on Microsoft security + compliance features and identify gaps
- Provide an overview of security and compliance controls as well as guidance + additional readiness content
- This assessment will not discover personal
- Identify potential data security + compliance challenges
- Determine the current state of personal data security.
- Discuss and create an actionable data security roadmap for the customer

Assessment objectives

- Understand Customer GDPR compliance objectives: Gain a common understanding of compliance objectives and GDPR requirements
- Assess Customer GDPR maturity level: Assess customer’s preparedness to execute on Discover, Manage, Protect, & Report activities
- Create a GDPR compliance roadmap: Provide a prioritized and actionable GDPR remediation checklist and roadmap, ready for legal/advisory review

Microsoft GDPR Detailed Assessment Workshop

Kick Off
- Project scope
- Requirements
- Stakeholders

Assessment
- Complete Microsoft GDPR Detailed Assessment
- Identify gaps

Remediation
- Provide detailed remediation checklist as prescribed by Microsoft GDPR Detailed Assessment
- Identify customer's remediation roadmap and next steps
- Partner opportunity to help remediate

CELA Extras

Cloud Services Due Diligence Checklist

A move to the cloud raises important strategic issues for an organization: How will data be secured, where will it be located, and how available will it be when it is no longer on premises? How will the organization continue to meet regulatory obligations? How will the privacy of sensitive customer and employee data be protected?

The critical first step for organizations, before they can assess and compare the level of service offered by different cloud service providers, is to clearly identify their own objectives and requirements. Microsoft created the Cloud Services Due Diligence Checklist to meet the business need for a standardized approach.

https://www.microsoft.com/en-us/trustcenter/compliance/due-diligence-checklist