On May 25, 2018 the European Union’s (EU) General Data Protection Regulation (GDPR) went into effect. The GDPR imposes new rules on organizations that offer goods and services to EU citizens, or that collect and analyze data tied to EU residents, regardless of where the businesses are located. It establishes strict privacy requirements, governing how you manage and protect personal data, while respecting individual choice – no matter where data is sent, processed, or stored.
With organizations increasingly leveraging cloud applications to outsource productivity and other workloads, data is no longer stored in one central on-premises location. Instead your data is now spread across multiple public cloud apps and services, where it can be easily accessed and shared with others. Additionally, Shadow IT makes it even more difficult for organizations to conclusively assess their compliance with GDPR requirements. With the new accountability, enforced by the GDPR framework, it is more important than ever to ensure your corporate data is stored and handled accordingly.
To help its Office 365 customers support and respond to GDPR. First the Office 365 Cloud App Security provides new risk assessment capabilities to help you determine if the cloud apps and services used across your organization are compliant with GDPR requirements. See Cloud App Security and its GDPR risk assessment.
Plus, included with Office 365 is the GDPR Dashboard which includes tools to Discover and Govern your Office 365 environment to meet GDPR requirements. You can also create Data Subject Request (DSR) cases which is a requirement of GDPR. To access the Office 365 GDPR Dashboard you can go to the Office 365 Admin Portal | Admin Centers | Security & Compliance | Data Privacy | GDPR Dashboard.