{"id":24144,"date":"2018-03-15T10:00:12","date_gmt":"2018-03-15T17:00:12","guid":{"rendered":""},"modified":"2024-01-22T22:51:13","modified_gmt":"2024-01-23T06:51:13","slug":"complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/","title":{"rendered":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies"},"content":{"rendered":"<p><em>This post is authored by Frederico Pravatta Rezende, Senior Product Marketing Manager, CADD &amp; AI.<\/em><\/p>\n<p>Is your organization prepared for the General Data Protection Regulation (GDPR)?<\/p>\n<p>If your company does business in Europe, you\u2019ll need to be aware of this new privacy law, which is set to bolster data protections for individuals living within the European Union (EU) starting on May 25, 2018.<\/p>\n<p>The GDPR introduces several specific rights for EU residents, such as the right to access their personal data, correct inaccuracies in their data, erase data, object to the processing of their data, and to obtain a copy of their data. It aims to ensure that personal data is protected no matter where it\u2019s sent, processed, or stored.<\/p>\n<p>For your organization, this means taking a fresh look at how you control exposure to personal data, employ security mechanisms to protect personal data, detect and notify supervisory authorities of breaches within a timely manner, keep records of data-processing activities, and document risks and security measures.<\/p>\n<p>The cost of non-compliance is high, reaching up to \u20ac20 million or 4 percent of the worldwide annual revenue of the prior fiscal year, whichever is higher.<\/p>\n<p>Microsoft is committed to the GDPR, and we support you in complying with its obligations. We\u2019ve addressed data privacy across several of our products and services, many of which are based on Microsoft SQL-based technologies\u2014 including SQL Server on-premises, SQL Server on Azure Virtual Machines, Azure SQL Database, Microsoft Analytics Platform System, and Azure SQL Data Warehouse.<\/p>\n<p>Microsoft recommends a four-step process to guide you through the journey to comply with GDPR:<\/p>\n<ol>\n<li>First, you\u2019ll need to discover where personal data is located. This involves understanding the attack area and how this sensitive data can be accessed, which allows you to identify the potential gaps in GDPR compliance you\u2019ll need to address;<\/li>\n<li>In the second step, you\u2019ll govern who can access this data and how it\u2019s used. Azure SQL Database Firewall and SQL Server Authentication are just a few of the capabilities available to help with this;<\/li>\n<li>Next, you\u2019ll want to strengthen your protection efforts, reducing risk and minimizing the impact of data. This requires different methods for different data types and scenarios. Microsoft SQL offers several ways to help you with this step.<\/li>\n<li>Lastly, you need to keep the records and create the reports necessary for meeting GDPR obligations. This also includes ensuring transparency with the subjects of this sensitive data.<\/li>\n<\/ol>\n<p>While your journey to comply with GDPR may seem challenging, Microsoft\u2019s various data platform solutions will help you along the way. Microsoft helps you simplify your privacy journey to expose areas of risk and respond with agility and confidence, leveraging guidance from experts and our partner network.<\/p>\n<p>Start planning your data platform modernization to adhere to GDPR by signing up for our webinar to learn how you can start your journey with SQL Server 2017 and Azure Data Services.\u00a0<a href=\"https:\/\/info.microsoft.com\/Complying-with-GDPR-on-Microsoft-SQL-based-technologies-Registration.html\">Register today.<\/a><\/p>\n<p>We&#8217;ve also created a free e-book, <em>Getting ready for GDPR<\/em>, to help you understand your next steps so you can get ahead of the new regulation. <a href=\"https:\/\/info.microsoft.com\/sql-server-gdpr-ebook-registration.html\">Get your copy today<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This post is authored by Frederico Pravatta Rezende, Senior Product Marketing Manager, CADD &amp; AI.<\/p>\n","protected":false},"author":1457,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"post_tag":[],"product":[],"content-type":[2424],"topic":[2460],"coauthors":[2487],"class_list":["post-24144","post","type-post","status-publish","format-standard","hentry","content-type-best-practices","topic-data-security","review-flag-1593580414-58","review-flag-afaca-1593580789-398","review-flag-4-1593580446-456","review-flag-free-1593619513-128","review-flag-new-1593580247-437","review-flag-partn-1593580283-335"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.2 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog\" \/>\n<meta property=\"og:description\" content=\"This post is authored by Frederico Pravatta Rezende, Senior Product Marketing Manager, CADD &amp; AI.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft SQL Server Blog\" \/>\n<meta property=\"article:publisher\" content=\"http:\/\/www.facebook.com\/sqlserver\" \/>\n<meta property=\"article:published_time\" content=\"2018-03-15T17:00:12+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-23T06:51:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png\" \/>\n\t<meta property=\"og:image:width\" content=\"512\" \/>\n\t<meta property=\"og:image:height\" content=\"512\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"SQL Server Team\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@SQLServer\" \/>\n<meta name=\"twitter:site\" content=\"@SQLServer\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"SQL Server Team\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 min read\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/author\/sql-server-team\/\",\"@type\":\"Person\",\"@name\":\"SQL Server Team\"}],\"headline\":\"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies\",\"datePublished\":\"2018-03-15T17:00:12+00:00\",\"dateModified\":\"2024-01-23T06:51:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\"},\"wordCount\":532,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\",\"name\":\"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#website\"},\"datePublished\":\"2018-03-15T17:00:12+00:00\",\"dateModified\":\"2024-01-23T06:51:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/\",\"name\":\"Microsoft SQL Server Blog\",\"description\":\"Official News from Microsoft\u2019s Information Platform\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization\",\"name\":\"Microsoft SQL Server Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png\",\"width\":259,\"height\":194,\"caption\":\"Microsoft SQL Server Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"http:\/\/www.facebook.com\/sqlserver\",\"https:\/\/x.com\/SQLServer\",\"https:\/\/www.youtube.com\/user\/MSCloudOS\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/","og_locale":"en_US","og_type":"article","og_title":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog","og_description":"This post is authored by Frederico Pravatta Rezende, Senior Product Marketing Manager, CADD &amp; AI.","og_url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/","og_site_name":"Microsoft SQL Server Blog","article_publisher":"http:\/\/www.facebook.com\/sqlserver","article_published_time":"2018-03-15T17:00:12+00:00","article_modified_time":"2024-01-23T06:51:13+00:00","og_image":[{"width":512,"height":512,"url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2018\/08\/cropped-microsoft_logo_element.png","type":"image\/png"}],"author":"SQL Server Team","twitter_card":"summary_large_image","twitter_creator":"@SQLServer","twitter_site":"@SQLServer","twitter_misc":{"Written by":"SQL Server Team","Est. reading time":"2 min read"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/author\/sql-server-team\/","@type":"Person","@name":"SQL Server Team"}],"headline":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies","datePublished":"2018-03-15T17:00:12+00:00","dateModified":"2024-01-23T06:51:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/"},"wordCount":532,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/","url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/","name":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies - Microsoft SQL Server Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#website"},"datePublished":"2018-03-15T17:00:12+00:00","dateModified":"2024-01-23T06:51:13+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/2018\/03\/15\/complying-with-general-data-protection-regulation-gdpr-on-microsoft-data-platform-technologies\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/"},{"@type":"ListItem","position":2,"name":"Complying with General Data Protection Regulation (GDPR) on Microsoft Data Platform technologies"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/","name":"Microsoft SQL Server Blog","description":"Official News from Microsoft\u2019s Information Platform","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#organization","name":"Microsoft SQL Server Blog","url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-content\/uploads\/2019\/08\/Microsoft-Logo.png","width":259,"height":194,"caption":"Microsoft SQL Server Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/#\/schema\/logo\/image\/"},"sameAs":["http:\/\/www.facebook.com\/sqlserver","https:\/\/x.com\/SQLServer","https:\/\/www.youtube.com\/user\/MSCloudOS"]}]}},"msxcm_display_generated_audio":false,"msxcm_animated_featured_image":null,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/posts\/24144","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/users\/1457"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/comments?post=24144"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/posts\/24144\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/media?parent=24144"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/post_tag?post=24144"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/product?post=24144"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/content-type?post=24144"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/topic?post=24144"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/sql-server\/blog\/wp-json\/wp\/v2\/coauthors?post=24144"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}