What is the GDPR Hub?

Although 25 May (2018) is fast approaching, many people are still wondering where to start working towards GDPR compliance. Even more - even those who have actually started - are wondering how they can ensure that what is being done is actually enough. What's needed is a complete hub where all your tools and documentation are available in one place. That's why we at WeSafe have developed the GDPR Hub.

The only comprehensive solution for GDPR

In its most basic form, GDPR work can be divided into four key areas - identify, manage, protect and report. For each category, the GDPR Hub offers tools, support materials and apps, as well as predefined processes and workflows for your ongoing compliance work.

In short, the GDPR Hub is the only comprehensive solution for GDPR compliance on the market today. It gives you, the user of Microsoft cloud services, access to all the evidence you need to structure and practically implement GDPR - from start to finish.

Of course, the work needs to be tailored to the business you're in, but instead of spending hundreds of hours filling in the blanks, you'll spend a fraction of the time because the basic material is already done and in the hub.

The right information at the right stage of your compliance journey

So why is it so important to gather all the material in one place? Basically, it's because the work on GDPR is so extensive and has to be done at so many different levels and different functions within a company. If you don't collect all the documentation, it simply becomes difficult to sift through the efforts that need to be made and almost impossible to get insight into who is doing what. Moreover, if you have no guidance, it is difficult to decide where to start the work - all you see is a mountain of requirements and must-dos that can seem insurmountable.

For those looking for answers on how to tackle the big task of meeting GDPR requirements, the information is delivered and tailored to meet you at the level where you and your employees are on the journey to compliance.

As I said, many people have barely started and often the texts of regulations are too advanced without prior knowledge. Although the content of Microsoft's Compliance Manager (the "heart" of the hub) is clearly structured, it can be difficult to grasp for those who are not familiar with the regulatory framework. That's why we've also developed a lite version of the hub, which comes with a step-by-step guide explaining how to tackle the new regulation by structuring and categorising the work. Together with support materials, links and apps adapted for the different key areas, it makes it easier to get an overview of what to do and why.

How the hub will help you once the GDPR comes into force

Requests for extracts of personal data will require resources. Some organisations are likely to be targeted by individuals who do not appreciate the type of activities they carry out. Another possible (and undesirable) scenario is that companies seeking to undermine their competitors will take steps to try to expose their compliance failures.

Not being prepared when the regulation comes into force means that when the requests start to come in, you are completely helpless and have to start from square one. This will require significant resources as the timeframe for delivering the data to the requestor is tight and you do not have processes and procedures in place.

If you receive a request from a person who wants, for example, extracts of personal data held by the company, you must be able to ensure that the person requesting them is the right person. Personal data is sensitive information that must not fall into the wrong hands.

Through the GDPR Hub, it is possible to verify the identity of the enquirer via BankID. In addition to the reassurance that the right person has access to the right data, the benefits are that you don't have to spend time and resources processing requests that are not made by the right person, and the identification option also prevents spam of requests from unauthorised persons.

Why you must act - NOW!

Many people have underestimated the amount of work required to comply with GDPR and it's easy to think that GDPR doesn't apply to your business. But the more you learn about the scope of the regulation, the more you'll understand that it affects all businesses. It's hard to imagine a business that doesn't handle any personal data at all...

You've probably been confronted with fear-mongering about the penalties that can be imposed on a company that fails to comply with the GDPR. There are no precedents yet and therefore the threat of sanctions may not be what makes the average business owner particularly shaky - they simply don't know how the regulation will be applied yet.

But another aspect, which fewer people have taken into account, is that GDPR will be a crucial competitive issue. As a vendor, if you cannot demonstrate GDPR compliance, you will be out of the running in the near future, as many (especially larger companies), are now establishing internal policies that partnerships can only be entered into with partners who are proven compliant. A rude awakening for those who don't take the issue seriously.

Want to know more about the GDPR Hub? Contact us directly and we'll tell you more about how we can take your business from zero control to full control.

Robert Veberg
Robert Veberg

Technical Lead - Microsoft Modern Workplace

040-626 75 81robertveberg@wesafe.se

Inspiration and knowledge straight to your inbox

Sign up for our monthly inspirational newsletter that provides tips, insights and advice on new ways of working, processes and security related to Microsoft 365, Azure and various tools in the Microsoft cloud platform.

Free Security Analysis of your Microsoft 365 environment

Free safety analysis

Get concrete and actionable tips on how to better protect your organisation

Read more and book

Are you interested in other blog articles from WeSafe?

Want to know how we can help your business thrive in Microsoft 365? Get in touch and we'll tell you more!