GDPR in Dynamics 365 for Finance and Operations
Posted on: May 21, 2018 | By: Jarrod Kraemer | Microsoft Dynamics AX/365
Authored by: Dave Occhionero
In the past couple of months, the US has seen several companies come under intense scrutiny from legislators and consumers regarding the privacy of personal data. Reactionary steps have been taken to resolve these issues, but they will continue to pop up if customers share personal information. The EU is taking preventative measures to protect consumer data, and has developed a privacy regulation, set to take effect on May 25th, called the General Data Protection Regulation (GDPR).
This law is designed to increase the rights an individual has over the data that a company gathers from them. Individuals will now find it easier to ask for the data a company collects, and will have more power to request that the company delete it. Every company in the EU will need to adhere to these guidelines, but the degree of the law's impact will differ across companies. Firms that rely heavily on the collection and distribution of customer data will need to develop solutions and business processes for handling these customer requests. Many social networking websites have already created tools to view data that has been collected, and I have personally used these new tools with some of the large players in social media. The tool is easy to use, but is difficult to find; I had to Google it. Additionally, these companies are releasing new security policies that comply with GDPR but will go into effect on a worldwide basis. Also, in the unfortunate event of a data breach, firms will be required to notify authorities immediately. There will no longer be scenarios where a breach occurs and the public finds out about it months later.
Microsoft has been ahead of the curve in preparing for GDPR's release. They have devoted an entire website to helping customers become GDPR compliant, and have a site dedicated to the Dynamics Finance and Operations application (click here).
The second link I provided takes a deep dive into scenarios that would initiate a data subject rights (DSR) request from an individual. Some of these requests include a customer or employee asking to view, correct, or erase personal data. The controller of GDPR at the organization will need to identify the person, confirm that they are a resident of the EU, record the date and time of the request, affirm that the DSR request is valid, and verify that the information for the request exists. This link also shows the scenarios where data cannot be deleted (audit, GAAP principles).
We are anxiously awaiting the arrival of GDPR regulations for our international clients, and will be curious to see if any regulation along these lines takes place in the US. This blog will have a part two once clients are live with the new requirements. For additional information, please feel free to reach out to us at info@loganconsulting.com or (312) 345-8817.
All the best!
Logan Consulting
www.loganconsulting.com