Four key steps to remain on course for GDPR compliance

Four key steps to remain on course for GDPR compliance
The new regulation offers companies a chance to digitally transform, says Microsoft

Elly Yates-Roberts |

The European Union’s General Data Protection Regulation (GDPR), which comes into effect on 25 May, will allow individuals, companies and governments to protect customers data.

In a recent article on, Hugh Milward, director of Corporate, External and Legal Affairs at Microsoft UK, explains the four steps that companies can use to prepare for GDPR compliance.

1. Companies must understand the data they hold – this includes how it is used and ensuring it’s protected. They must be able to offer clear reporting on how customers’ data is handled in case regulators require it.

2. Use the ‘compliance+’ approach – this goes beyond data discovery, management and protection to anticipate future developments. For example, working with a cloud vendor that is committed to complying with all relevant guidelines provides businesses with added confidence.

3. Think of GDPR as an opportunity for change – the organisations that do this will allow their staff to collaborate and access information from anywhere with any device.

4. Introduce the relevant technology – technology must be introduced at the same time as these changes with the right skills to utilise it. Innovations such as artificial intelligence (AI) potential, but employees need to know how to properly store and protect data.

“Our line of work involves handling lots of confidential personally identifiable information (PII) and heeding GDPR compliance, which makes security and data protection top of our agenda,” said Chris McCall, chief technology officer at public sector recruitment specialist Affinity Workforce. “However, with our technology strategy we wanted to tread the fine line between implementing stringent security standards and being agile, removing restrictions on the types of tools we could use and enabling our workforce of more than 400 people to work more flexibly.”

The ability to manage and protect data is also important for building trusting relationships with customers. According to Harvard Business Review, 97% of people expressed concern that their online personal information might be misused.

To help organisations to be GDPR compliant, Microsoft has released Compliance Manager Preview, which is now generally available for Azure, Dynamics 365 and Office 365 Business and Enterprise subscribers in public clouds.

Subscribe to the Technology Record newsletter

  • ©2024 Tudor Rose. All Rights Reserved. Technology Record is published by Tudor Rose with the support and guidance of Microsoft.