If you’ve been keeping a track of news surrounding the subject of data security, especially in Europe, you’re likely to have heard about the GDPR or General Data Protection Regulation. Though you might have read enough about it, you probably still have a few unanswered questions.
Well, we are going to help you out by giving you a good idea of what GDPR is. More importantly, we are going to tell you how GDPR is going to impact your use of Microsoft Dynamics 365.
The GDPR is a major update to existing European Union Privacy Laws. The last time we saw updates being made was 20 years ago. The GDPR is a much-needed addition considering the fact that technology today has evolved drastically. It’s time that there were laws such as this in place to combat data and privacy threats.
The GDPR actually replaces the older DPD or Data Protection Directive, which came into play all the way back in 1995. This was a time when web technology was still taking root. However, we now live in an era that is made up of cloud services and mobile access. So, needless to say, GDPR is something we really require.
Several of the regulations under DPD became obsolete, which set the motion for new data security laws to be passed within the EU.
In essence, GDPR’s objective is to make sure organizations and businesses protect personal data, irrespective of where it’s stored, sent or sourced from. To put it simply, businesses/organization will have a greater responsibility with regard to data protection and security.
The new regulation covers every entity; right from private corporations to even government agencies and NGOs.
However, GDPR’s regulations are not uniform. They will vary from member state to member state. This is due to the fact that EU’s member states are, at the end of the day, independent countries with their own laws and regulations.
The penalty for not adhering to GDPR will result in a fine that can be as much as 4% of the offending organization’s annual revenue or 20 million euros.
Currently, organizations have been given a time of 2 years to transition into a state of compliance with GDPR. The GDPR will go into full effect on 25th May 2018.
What are organizations required to do?
The key focus will be on privacy policies. GDPR will require privacy policies to be more comprehensive and detailed. The policies will also have to be written in language that is plain and understandable. Legal representatives will have to be hired in order to review these policies and clear them as being GDPR ready.
GDPR will also regulate permissions. In other words, opted-in email addresses belonging to customers will be beyond the access of companies after a period of inactivity.
Needless to say, this will affect CRM efforts and strategies.
Microsoft has already released a 5-step plan to help users of Dynamics 365 adapt to the new changes. For starters, the tech giant will be including 3 new commitments into existing contracts to enable automatic compliance with GDPR.
So, Dynamics 365 users can be sure that their version of the CRM tool will be updated to be compliant with GDPR.
There will be a more dedicated focus on granting access privileges according to individual records and job titles. Highly sensitive areas will see greater restriction.
Access and control of data in the Dynamics 365 environment will be given more priority now. Solutions such as Azure Active Directory and Azure AD Privileged Identity Management will be implemented to make user management easier and heavily regulate access via control and reporting.