Enforcement of a new and significant change in privacy laws in the European Union (EU) may be more than a year away, but Microsoft is taking steps now to familiarize partners with the General Data Protection Regulation (GDPR), understand how they can help their customers, and grow their business.
The GDPR will require new privacy and data-protection regulations for any organization that offers goods or services to people in the EU, or that collects and analyzes data tied to EU residents – no matter where that organization is located. Enforcement begins on May 25, 2018. As a vendor, Microsoft has committed to being GDPR-compliant across its cloud services at that time.
According to a blog Thursday by Gavriella Schuster, corporate vice president, worldwide partner group at Microsoft, there are three ways that partners can help customers navigate the new GDPR regulation and tap into an opportunity pegged at $3.5 billion in security products and services, according to IDC.
The first partner opportunity involves filling the role and functions of a Data Protection Officer (DPO) – which is a requirement under the GDPR – rather than hire an in-house DPO, a role that includes responsibility for employee awareness about compliance obligations as well as monitoring, training and audits required by the GDPR.
Schuster notes that partners could create a managed services offering to meet the GDPR requirements. The International Association of Privacy Professionals estimates at that the GDPR will create a need for at least 75,000 DPOs.
Data-breach notification to the authorities and affected individuals within 72 hours of detection is included in the GDPR. Partners could play a vital role helping customers build and maintain detection and notification systems.
The third partner opportunity is around risk management and mitigation assessments to help impacted businesses demonstrate compliancy with the GDPR. Assessments aren’t a one-time offering either, as companies will require periodic assessments to identify gaps in risk management and migration processes.