You are most likely well aware by now about GDPR – General Data Protection Regulation On 25th May 2018, a revised European data protection law is due to take effect, refreshing the former rules of the European Union (EU) that were defined in 1995.  Substantial changes are required by organisations throughout the world to achieve compliance with the GDPR.  There are penalties for non-compliance.  Organisations can be fined up to 4% of annual global turnover or €20 Million.   Not all aspects and interpretations of GDPR are well settled yet.  As a result, we are providing information to our clients for informational purposes only and it should not be relied upon as legal advice or to determine how GDPR might apply to you and your company.  We encourage you to work with a legally qualified professional to discuss GDPR, how it applies specifically to your organisation, and how best to ensure compliance.   Over the coming months, we’ll be sending out information to help you prepare for GDPR.  We’ll show you which Microsoft products and services are available that can help you in your preparation for meeting GDPR requirements.   Our four-step process is what we recommend you follow on your journey to GDPR compliance.  The four steps are: Discover: Identify what personal data you have and where it resides. Manage: Govern how personal data is used and accessed. Protect: Establish security controls to prevent, detect, and respond to vulnerabilities and data breaches. Report: Keep required documentation, manage data requests, and provide breach notifications. Please keep an eye out for our future emails and newsletters where we’ll help you along your journey of compliance.