Serviceteam IT Security News

The EU has launched an investigation into contracts Microsoft holds with its institutions to ensure data processing is conducted in compliance with the GDPR.

Regulator the European Data Protection Supervisor (EDPS) revealed yesterday that it was undertaking the investigation into contractual arrangements with the US tech giant after a Data Protection Impact Assessment Report in the Netherlands last November highlighted issues.

That audit found that: “Microsoft collects and stores personal data about the behavior of individual employees on a large scale, without any public documentation.”

Microsoft Office ProPlus was singled out for attention in that report.

Now the EDPS is warning of “increased risks to the rights and freedoms of individuals” for any EU institutions using the same apps detailed in the audit.

“The EU institutions rely on Microsoft services and products to carry out their daily activities. This includes the processing of large amounts of personal data. Considering the nature, scope, context and purposes of this data processing, it is vitally important that appropriate contractual safeguards and risk-mitigating measures are in place to ensure compliance with the new regulation,” said the EDPS.

“The EDPS investigation will therefore assess which Microsoft products and services are currently being used by the EU institutions, and whether the contractual arrangements concluded between Microsoft and the EU institutions are fully compliant with data protection rules.”

The regulation it is auditing against is Regulation 2018/1725, which is designed to bring the data protection rules governing EU institutions in line with the GDPR.

For its part, Microsoft has already committed to helping its customers comply with the GDPR and Regulation 2018/1725.

“We stand ready to help our customers answer any questions the European Data Protection Supervisor may have,” it added in a statement.

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!