The beginning of General Data Protection Regulation (GDPR) enforcement is here. Partners like you have been working to help customers prepare to comply with this significant privacy legislation, providing services in four key areas that can advance customers in their GDPR compliance journeys. And can expand your opportunities to offer new services and to collaborate with other partners whose expertise complements your own.

Find out more about these opportunities and partner services best practices. Then access related resources, including a brand new, Microsoft executive-led GDPR webcast.

Advisory services

Of course, GDPR requires technical implementation. But there’s more to consider than the technology. Customers are also seeking legal, governance, and compliance advice and best-practice recommendations. Not every partner organization has these skills in-house. If you don’t, consider connecting with partners who do, so you’re better positioned to deliver comprehensive solutions to customers who must comply with GDPR requirements.

Microsoft partner in action: Controle

Through end-to-end information governance, Controle helps clients take charge of their electronic data. Controle’s team of IT, legal, and compliance experts offer GDPR-related advisory, technical, and managed services that collectively help reduce costs. Mitigate risks associated with noncompliance. And create a repeatable, defensible process that speeds evaluation and enables Controle to serve more customers, faster—generating more revenue for their practice. Read the complete story.

Discovery and assessment services

To begin a customer GDPR engagement, many partners begin with education and a gap analysis to help generate GDPR awareness—particularly with organizations that aren’t based in the European Union (EU), but serve EU residents. The new GDPR Foundations Training kit offers an ideal starting point to introduce the basics through either a 45-minute or half-day session. Using assessment tools like the Microsoft GDPR Detailed Assessment (available in five languages), you can identify those gaps and deliver a multiyear plan to help improve customer compliance.

Microsoft partner in action: Oxford Computer Group

Oxford Computer Group offers a data security and privacy service that evaluates and advances an organization’s posture against recognized security governance and management industry standards. Oxford’s engagement starts with a complete current-state assessment, including an evaluation of GDPR readiness. Based on the organization’s posture scores, a defined remediation roadmap that spans security policy, procedures, and technology is implemented. Through the service, organizations gain a clear view into and evidence of their security and privacy posture progress over time, which can be used for compliance and audit purposes, or board level-review.

Deployment and implementation services

As customers move toward GDPR compliance, they’re reviewing their data practices and engaging in data hygiene exercises. They may need help to identify where their data resides. To optimize processes. And to implement solutions that will help them meet regulatory requirements. A combination of Microsoft 365 technologies and tools like the GDPR Data Discovery Toolkit—and deployment and implementation partner expertise—is helping these customers accelerate their GDPR journeys.

Microsoft partner in action: Lighthouse

Lighthouse legal and technology experts work together to help customers attain GDPR compliance. To achieve that goal, the Lighthouse team maps current eDiscovery and information governance workflows to Office 365, providing a roadmap based on recommended services, technology, and support. The result? Consumption of Office 365 E5 license sales through advanced compliance SKUs.

Managed services

While 25 May marked the beginning of GDPR enforcement, meeting it and achieving continuous compliance will require continuous attention and action moving forward. In response, many partners have added managed services to their portfolios, taking advantage of Microsoft Compliance Manager and new capabilities like data subject requests to continue to support customers over time. And to create ongoing revenue streams for their practices.

Microsoft partner in action: 5.25, a GDPR partner consortium

An end-to-end GDPR solution relies on people, processes, and systems. But few partner organizations have deep experience across all these areas. Three companies, each with their own specific area of expertise, formed a consortium to provide a single cohesive solution to help their customers move toward GDPR compliance. Audittrail analyzes processes and defines GDPR gaps; Mavim captures and visualizes all relevant information related to regulatory requirements; and Motion10 assesses the vulnerabilities of IT systems, and identifies recommended adjustments. By using a GDPR framework and Microsoft tools like Compliance Manager and Azure Information Protection, 5.25 offers customers a future-proof, GDPR-compliant environment. Read the complete story.

New Microsoft executive-led GDPR webcast

On 25 May 2018, Microsoft executives, including Brad Smith, President and Chief Legal Officer, presented the Safeguarding individual privacy rights with the Microsoft Cloud webcast.

The webcast reinforced Microsoft’s support for privacy and showcased how the Microsoft Cloud can help accelerate GDPR compliance, with topics that covered:

  • Using GDPR fundamentals to assess and manage compliance risk.
  • Protecting customer data with built-in, intelligent security capabilities.
  • Meeting compliance obligations by streamlining processes.

Watch the webcast on demand.


Next steps

– View the new webcast .
– Explore Microsoft partner GDPR resources, including the GDPR sales and Foundation Training kits .
– Build your security and compliance practice .
Find a partner whose GDPR skills complement your own.