Wednesday, August 23, 2017

Do You Need To Be GDPR Compliant?

The GDPR Self-Assessment by Microsoft will help you identify if your organization needs to be GDPR compliant by the May 25, 2018 deadline.

The following are some of the grounds for compliance that might apply to your organization.
  • EU citizens/residents who are your employees are subject to GDPR (no matter where in the world they live or work)
  • Collecting personal data about employees, customers, and/or consumers is cause for GDPR compliance
    • Photos on video monitors and/or company badges are personal data (because of facial recognition/biometric data) and are thus subject to GDPR
    • Using website cookies and/or collecting IP or MAC addresses are considered methods for collecting personal data
  • Any vendors that have access to personal data of EU citizens/residents must be GDPR compliant, and it is your organization's responsibility to verify, to the extent possible, that the vendor meets GDPR compliance
  • Just because your organization or a vendor is Privacy Shield certified does not automatically guarantee GDPR compliance

Non-compliance will result in a minimum fine of €20,000,000 or 4% of transactions, whichever is greater. Additionally, failure to pay the fine can result in your organization being banned from conducting business in the EU, asset seizure/forfeiture, and fines from other government agencies (including U.S. government agencies).

If you feel that your organization will need to be GDPR compliant by May 25, 2018, Office 365 has security features and a GDPR portal to help your organization meet GDPR compliance.

If you'd like a recommendation for a vendor who can help you with Office 365 and GDPR compliance, just reply below or email me with your contact information. I promise I don't get a commission!

