“ALL ABOUT” MICROSOFT GDPR STRATEGIES (…WITH NAV SUPPORT)
the deadline is approaching … it lacks a little … and today we can also talk about NAV (only NAV was missing and expected..).. in this post i want to summary all the GDPR strategies of Microsoft published to date.
GDPR with NAV WHITEPAPER IS READY !!
Today the long-awaited WHITEPAPER for NAV has been published … (about 600 people have asked me about this document) … and so now that it’s out, good reading to everyone!
Summary of publications by Topics
- ABOUT GDPR
- GDPR on PARTNER NETWORK
- GDPR for AZURE
- GDPR for SQL SERVER
- GDPR for OFFICE 365
- GDPR for CLOUD
- GDPR ASSESMENTS PAGES
- GDPR COMPLIANCE MANAGER
- GDPR for NAV
“May 25, 2018: a new era begins for data privacy”
“On this date in a little less than a year, the new European Union (EU) data protection law will be implemented, replacing the old Data Protection Directive, which has been in effect since 1995. The new law, known as the General Data Protection Regulation (GDPR), gives individuals greater control over their personal data and imposes many new obligations on organizations that collect, handle, or analyze personal data.”
GDPR ON PARTNER NETWORK
A lot of questions are available on Microsoft partner network
GDPR FOR AZURE
Please have a look at our white paper How Microsoft Azure Can Help Organizations Become Compliant with the EU General Data Protection Regulation to gain an understanding of how your organization can use currently available features in Azure to optimize your preparation for GDPR compliance. We are here to help you with your compliance efforts in the face of the coming EU law.
Azure SQL and Information Protection (GDPR)
SQL Information Protection (SQL IP) introduces a set of advanced services and new SQL capabilities, forming a new information protection paradigm in SQL aimed at protecting the data, not just the database:
More details on using SQL Information Protection can be found in:
GDPR FOR SQL SERVER
Free ebook “Meet the new General Data Protection Regulation (GDPR) requirements with Microsoft SQL Server”
GDPR FOR SQL OFFICE 365
Microsoft ha riunito Office 365, Windows 10 ed Enterprise Mobility + Security in un’unica soluzione sempre aggiornata, ovvero Microsoft 365, che alleggerisce le organizzazioni da gran parte dei costi e della complessità tipici di sistemi multipli e frammentati, non necessariamente progettati per essere conformi agli standard correnti
Leggi questo white paper per un’esplorazione approfondita di:
- GDPR e le sue implicazioni per le organizzazioni.
- Modo in cui le funzionalità di Microsoft 365 Enterprise possono aiutare la tua organizzazione ad accostarsi alla conformità al GDPR e ad accelerare il percorso di adeguamento.
- Che cosa puoi fare per iniziare subito.
GDPR FOR CLOUD
The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades. The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored. Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018.
GDPR is part of our holistic cloud compliance investments
We are committed to our principles of cloud trust – across security, privacy, transparency and compliance. We have a broad portfolio of cloud services that address the rigorous security and privacy demands of our customers, who comprise over 90 percent of Fortune 500 companies. As the GDPR enforcement begins, here is what else you can expect from us:
GDPR ASSESMENTS PAGES (TRUSTED CENTER)
GDPR GENERAL https://www.gdprbenchmark.com/IT/
GDPR ASSESMENTS https://www.gdprbenchmark.com/it/questions
GDPR – Compliance Manager Preview is now available !
*Compliance Manager is a dashboard that provides a summary of your data protection and compliance stature and recommendations to improve data protection and compliance. This is a recommendation, it is up to you to evaluate its effectiveness in your regulatory environment prior to implementation. Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance.”
LINKS – COMPLIANCE MANAGER
GDPR FOR NAV
“To start I would like to emphasize that all versions in mainstream support will get GDPR related features (This means NAV 2015 and up).
NAV GDPR WHITEPAPER IS READY!
As mentioned in an earlier blog post, Microsoft is dedicated to helping our partners and customers meet the requirements of the GDPR. By May 2018, Dynamics NAV 2018, Dynamics NAV 2017, Dynamics NAV 2016, and Dynamcis NAV 2015 will be updated with tools to help you get GDPR compliant. The March cumulative updates have just been made available and provide the first round of updates for you. We have prepared a Dynamics NAV whitepaper that will help you prepare for compliance. Get it here.
The following links provide additional information and will be updated over time:
- Microsoft Trust Center: https://www.microsoft.com/en-us/trustcenter/privacy/gdpr/solutions#dynamics-365
- Microsoft GDPR Assesment: https://www.gdprbenchmark.com/
- Dynamics NAV Lifecycle: https://support.microsoft.com/en-us/lifecycle/search?alpha=Dynamics%20NAV
- Get GDPR compliant with the Microsoft Cloud: https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/
- Landing page for GDPR whitepapers for Dynamics 365: https://aka.ms/gdprdynamics365
DOWNLOAD NAV GDPR WHITEPAPER HERE
Other Tools for NAV
I started to look at some tools for the old versions of NAV, for now i found this:
NAV GDPR Toolset
CLASSIFYING DATA IN NAV (FIRST STEP..)
NAV GDPR “OPEN ISSUES”…..
And what’s next ?
Data Classification is only the basic requirement in order to define your product to be totally GDPR-compliant. What we need right now in NAV?
One of the key aims of the GDPR is to empower individuals and give them control over their personal data. For having a good GDPR-compliance, we need to have features to satisfy at least these GDPR articles and topics:
- Personal / sensitive data discovery
- The right to be informed (Articles 12, 13, 14)
- The right of access (Article 15)
- The right to rectification (Article 16)
- The right to erasure (Article 17)
- The right to restrict processing (Articles 18, 19)
- The right to data portability (Article 20)
- Data encryption and destruction (automated)
- GDPR activities logging
What to do in practice? What should the NAV Product Team do?
- Data Classification (done)
- Providing GDPR-related entity management (like Data Protection Officer card, Administrators or other controllers identification).
- Providing a quick way to retrieve sensitive data in the entire database (for example, if your old contact asks you to retrieve all his sensitive data you have in your system, you need to have a quick way to retrieve them).
- Providing a quick way to rectify sensitive data (for example, change of a contact data: you need to change this data in the entire database and documents).
- Providing a quick and automated way to mask or delete sensitive data (if your old contact asks you to immediately delete all his sensitive data in your database, you need to remove them or cypher them).
- Provide a way to export all sensitive data of an individual in a standard format (CSV or XML) for data portability.
- Providing a centralized way where launching all these GDPR tasks, log them, log GDPR incoming requests and action performed on the database.
We’ll have something similar before the May 25? Or we’ll have to develop all by ourself ? …..we are waiting answers directly from Microsoft about these topics ! Let you know ASAP !
MY OLD GDPR POSTS
GDPR and Azure, a new era for data privacy
Microsoft Dynamics 365 and GDPR
COMPLIANCE MANAGER is AVAILABLE
Have a nice GDPR Time!