Mapping Out Your Journey to Compliance

As Irish organisations digitally transform it can be easy to overlook the ever-changing demands of regulation. With new legislative frameworks and regulations like PSD2 (Revised Payment Service Directive) and the much discussed GDPR (General Data Protection Regulation) coming into effect in 2018, the regulatory landscape in the digital age is constantly evolving. It means that Irish organisations need to be prepared to comply and adapt to the needs for this new legislation – to protect sensitive data residing in the cloud and on-premises.

Microsoft helps organisations manage the balance between meeting legal demands on sensitive data and transforming their business models – we have done so for nearly four decades.

This is why we’re sharing our own perspective as well as best practice for GDPR compliance, through our new online resource. In addition, at the start of our GDPR journey, we said that we would share our own experience with other organisations so we now have a comprehensive e-book, entitled Microsoft’s Journey to Compliance, available to download from our online Trust Centre.

This e-book provides an overview of our journey to GDPR compliance—including how we approach privacy regulations, the organisational structure of our privacy team, our GDPR approach, and learnings from implementation workstreams.

The materials for this e-book were developed through interviews of privacy-accountable leaders across our major horizontals and verticals, resulting in a comprehensive and transparent overview of our approach to not only GDPR, but privacy in general.

Download this e-book to gain a comprehensive insight into how Microsoft is:

• Assessing and managing our compliance risk through tools such as extensive personal data store inventorying, data protection impact assessments and privacy reviews, and processes for the monitoring, measurement, and enforcement of privacy compliance.
• Protecting personal data with built-in, intelligent security capabilities that work together to more effectively secure personal data (including employee data).
• Streamlining our processes to empower our consumer users to access and manage their data, help our commercial customers meet their own compliance obligations, and train our employees, partners, and vendors on privacy readiness.

At Microsoft, we are deeply committed to privacy. The General Data Protection Regulation (GDPR) is an important step forward for clarifying and enabling individual privacy rights, and Microsoft has been investing to be compliant across its entire organisation for nearly two years leading up to this date – building upon this foundation and history of our commitment to privacy. By publishing this e-book and detailing our journey, we hope to support Irish organisation in showing this same commitment to privacy and data protection.

Shirley Finnerty

Business Group Lead