The new General Data Protection Regulation (GDPR) constitutes a significant change to the EU privacy law established two decades ago. Read on to see what this means for Microsoft Dynamics 365 and Microsoft 365. GDPR is rolling out on 25^th May, at which time any organization found to be noncompliant will be punished with heavy fines. It’s therefore commercially vital for organizations to have GDPR in their headlights as the days count down. The purpose of the original Data Protection Directive was to harmonize data privacy laws across Europe, and ensure that all EU citizens felt empowered in the knowledge that they could access any data a business held about them at any time. GDPR is the next version of the Data Protection Directive, ensuring that citizens’ data is still protected, an essential—and perhaps overdue—task, given all the technological changes over the past 20 years. Ultimately, it’s about organisations respecting and protecting personal data—no matter what it is, where it is sent, processed or stored. Committed to compliance Unsurprisingly, Microsoft is working alongside partners and customers to ensure all necessary GDPR commitments are being honored. This is perhaps most obviously demonstrated on Microsoft’s new GDPR Demos page, helping organisations of all shapes and sizes to understand what is required of them, and how to implement a strategy that will ensure they are compliant. Including overview scenarios, Interactive scenarios and hands-on demos that focus on Microsoft 365 and Dynamics 365 features for GDPR compliance. So, what does it mean? Microsoft’s attitude toward GDPR compliance can be demonstrated most comprehensibly in their five-step plan:

1. Discover: Identify what personal data you have and where it resides
2. Control: Manage how personal data is used and accessed
3. Protect: Establish security controls to prevent, detect and respond to vulnerabilities and data breaches
4. Report: Action data subject requests and keep required documentation
5. Review: Analyze your data and systems, stay compliant and reduce risk

Honorably, Microsoft has pledged to ensure anybody signing up to its cloud services will have a GDPR compliant solution. Those businesses upgrading to Dynamics 365 CRM or ERP solutions will put themselves in good stead toward protecting themselves from GDPR. However, it does not guarantee full compliance. Data cleansing, processes re-mapping, acquiring consents, building governance controls and much more need to be considered. According to Mohamed Mostafa, writing on MSDynamicsWorld: “All this work and these activities open up the opportunity for business stakeholders and IT departments to get budgets allocated to upgrade their existing Dynamics solutions and include in their upgrades those enhancements that were not implemented before due to budget constraints. At the same time, the demands of GDPR open opportunities to Microsoft Dynamics partners, which will play an important role in helping their customers deliver these Dynamics 365 solution upgrades and enhancements.” In conclusion… Ultimately, GDPR means more work for organizations that are just looking to get on with their core objective, it also presents good opportunities for individuals in those businesses to upgrade their Microsoft 365 and Dynamics 365 technologies. It also gives Microsoft partners a good opportunity to boost solutions sales. At Conspicuous, we look forward to the increased activity around Dynamics technologies in the build up to the GDPR cut-off, and are excited to see how all of our clients rise to the challenge. Feel free to get in touch if you want to discuss Dynamics resource for your GDPR project.