Microsoft 365 launching GDPR Compliance Manager

Last week Microsoft announced that it will be launching a Compliance Manager across it’s cloud offering which will help organisations meeting their online compliance requirements, citing GDPR as one such compliance challenge.

Microsoft says its Compliance Manager is “designed to help organizations meet complex compliance obligations like the GDPR. It performs a real-time risk assessment that reflects your compliance posture against data protection regulations when using Microsoft Cloud services, along with recommended actions and step-by-step guidance.

The Compliance Manager should go some way to assure UK business’s with regards to their GDPR compliance when it comes to storing their data online with Microsoft (e.g. SharePoint, OneDrive, etc.) – remember the GDPR requires you, as a Data Controller, not to use any Data Processors who can’t prove they’re GDPR compliant (thus helping you maintain your GDPR compliance). There’s still some issues about the contractual obligations in the GDPR for the Controller-Processor relationship, but expect them to be covered off in terms and conditions from Microsoft.

More on the Controller-Processor relationship can be found in the Data Protection section of the Hub (requires a subscription)