 GDPR Readiness Quiz Quick Insight: Quick Insight: Quick Insight: GDPR Foundations Training GDPR Readiness Quiz The new General Data Protection Regulation (GDPR) takes effect May 25, 2018, with wide-reaching impacts on millions of organizations worldwide. This simple quiz is designed to help you assess the readiness of your organization. See how well you can answer each of these questions. If you’re uncertain about any of these questions, contact us to learn how our GDPR Foundations Training can help your team understand the GDPR and the ways it may affect your business. Quick Insight: The GDPR imposes new rules on organizations in the European Union (EU) and those that offer goods and services to people in the EU, or that collect and analyze data tied to people in the EU, no matter where the organizations are located. 1. Does the GDPR apply to your organization if you operate outside the EU? Quick Insight: Every business that is subject to the GDPR must clearly communicate their data policies; have a permissible ground, such as consent from individuals, to collect and use personal data; give individuals access to their data; provide reasonable safeguards to protect data along with timely notice of breaches; and make special provisions for individuals when data profiling is used to process applications. 2. What are the primary requirements that the GDPR places upon businesses? Quick Insight: The GDPR gives individuals the right to withdraw their consent to data collection, correct errors, transfer their data to another company, or have their data removed entirely. Individuals also have the right to know what data is being collected, how it is processed, and if the data has been endangered. 3. What rights does the GDPR confer to individuals? 4. Who enforces the GDPR and what are the risks if your organization does not comply? Quick Insight: The GDPR creates an obligation for each EU member state to establish a Supervisory Authority (SA), which will be responsible for monitoring compliance and will have the authority to levy fines up to €20 million or 4% of a company’s annual sales, whichever is greater. 5. What is a Data Protection Impact Assessment and how do you know if your company needs one? Quick Insight: A Data Protection Impact Assessment is an assessment of the impact that processing may have on the protection of personal data, and is required whenever processing poses a high risk to the rights of individuals, such as when processing high volumes of individual data or processing sensitive data. Learn more about the GDPR Microsoft and <<Partner Name>> have prepared the GDPR Foundations Trainings to help you understand individual rights and business responsibilities under the GDPR. Introduction to GDPR (Approximately 45 Minutes) An introduction to the basics of the GDPR, including a top-level overview of individual rights and business responsibilities. GDPR Half Day Offsite (Half-Day Seminar) An in-depth review of the GDPR for those tasked with implementation of compliance and security procedures. Why <<Microsoft Partner>>? There are three key stages in your journey to compliance with the GDPR: understanding the new regulations, assessing your current capabilities, and implementing new policies or tools. As a Microsoft Partner, we offer insight and experience to help you with all three stages to ensure you have effective security and compliance solutions. Contact us today to get started! <<Insert Microsoft Partner’s customer testimonial here>> <<Microsoft Partner>> <<Microsoft Partner Contact Information>> *This quiz is a commentary on the GDPR, as Microsoft interprets it, as of the date of publication. Application of GDPR is highly fact-specific, and not all aspects of GDPR are well-settled. This quiz should not be relied on as legal advice.