Draft: GDPR part 2

Ring oss på +47 23507481 Tjenester IT for dine ansatte Dine IT-systemer Læringssenter Artikler Kundehistorier Eventer ...

Draft: GDPR part 2

First of all, we recommend you to start as soon as possible with getting compliant with the new regulations, and not ...

First of all, we recommend you to start as soon as possible with getting compliant with the new regulations, and not postpone the transition, which can turn out to be more demanding than first expected. As mentioned above, the price of not complying is high, and the sooner you get on the right side of the law, the better.


To start the transition to compliance with GDPR, you should start by getting an overview of all the personal data your business is in control of. All businesses in control of personal data are already legally required to know the source and fate of this data, so this is a good place to start. 


Step 1

Ensure that you are compliant with current legislation, as the transition towards the new legislation will go smoother if you follow the current EU standards. This requires you to manage who has control of the personal data and how the data is used and accessed.


Step 2

Establish internal controls in order to detect security breaches and set the security at an adequate level. Your security initiatives must be documented and you must report any anomalies to the relevant government agency. With the new requirements, reporting must be done within 72 hours after security breaches. Maintain your commitment by making well-defined routines to follow the new rules, and ask yourself whether your systems are secure enough, and if you are capable of answering all inquires from customers within a month.


Step 3

Finally, by regularly evaluating and reviewing your system and your data, you can stay updated and compliant with GDPR.


How can we help you?

Ironstone is highly competent and knowledgeable on the new requirements of GDPR, and what the new legislation means to businesses with personal data stored in cloud solutions. At Ironstone, we offer the newest Microsoft technology and cloud products, which are made to be compliant with GDPR.

Microsoft has taken proactive steps towards GDPR compliance and is well-known for its extensive security measures. Microsoft was the first cloud service provider to implement the stringent requirements of the ISO 27018 (link to other article) and in the famous case of Safe Harbor (link to other article), Microsoft went to court and sued the American government based on the privacy rights of its clients.

Microsoft has repeatedly shown itself to be a pioneer within cloud security, and the latest transition towards GDPR compliance is just one of many security initiatives embraced by the company. Microsoft ensures that its products will be GPDR compliant by May 2018, when GDPR becomes effective. This means that by applying Microsoft cloud services, you are guaranteed that your technology meets the requirements of the GDPR.

At Ironstone, we offer the latest Microsoft products, which meet technological demands in areas such as access to personal data, the transfer of personal data, objection of processing of personal data, deletion of personal data and correction of personal data. (link to service)

Compliance with the GDPR is a shared responsibility between the business and the cloud service provider, but we can help you with the latest technology and guidance on how to become compliant and securing your customers data in the best possible way.


Get notified on news

Be the first to know about new IT insights to build or refine with the tools and knowledge you need.