EY to help businesses comply with EU General Data Protection Regulation in collaboration with Microsoft

London, 23 May 2017

  • Share
  • New privacy model applies to all businesses offering goods or services to EU

EY announced today that it is collaborating with Microsoft on a broad approach to help address many of the challenges clients are facing around the EU General Data Protection Regulation (GDPR), which goes into effect on May 25, 2018.

The GDPR applies to all businesses offering goods or services to the EU and aims to protect the privacy and security of EU residents’ personal data through the imposition of numerous requirements impacting the entire data lifecycle within most organizations.

The jointly-developed service will use existing and new capabilities from both EY firms and Microsoft to offer the technology and processes that help support compliance and risk management.

Using Microsoft’s Secure Productive Enterprise initiatives inclusive of Microsoft Azure, Microsoft Office 365 and Windows, companies will be able to use their existing investments in technology to comply with GDPR regulations. The new initiative can expand EY compliance, privacy and data protection offerings, and augments an existing portfolio jointly developed by EY and Microsoft, including services to help organizations sense, resist, react and recover from cyberattacks.

Angela Saverice-Rohan EY Americas Privacy Leader, Advisory, says:

“The GDPR is unlike any other privacy regulation to date. It impacts businesses around the world, and creates challenges that won’t be solved by policy and procedures alone. Additionally, the GDPR presents a tremendous opportunity for companies to strategically manage their compliance in a way that achieves other important value propositions; specifically data enablement, process optimization and risk reduction. Technology is at the heart of this, and the joint initiative by EY and Microsoft will help to create value for clients at all stages of their GDPR journey, beginning at the data discovery phase and all the way through to automation of many aspects of GDPR compliance.”

Paul van Kessel, EY Global Cybersecurity Leader, says:

“The GDPR is a major disruptor to our clients as well as our own industries, in both technology and consulting. It will transform how companies manage personal data and is already creating an industry of new point solution providers. But, our clients are looking for a holistic way to address the regulation, from initial assessment, through implementation planning and operationalization. They are looking for approaches that integrate privacy and security and that also manage risk across the three lines of defence namely, business operations, risk and compliance and internal audit. Working on the Microsoft Azure cloud platform will enable us to create options that flexibly support clients through the GDPR compliance journey.”

Brendon Lynch, Chief Privacy Officer, Microsoft Corp. says:

“The European Union’s GDPR represents a significant shift in the way personal data is regulated and it is having global impact. It places more obligations on organizations to take a comprehensive approach to respecting and protecting the personal data they control – no matter where it is stored, processed or sent. Microsoft cares deeply about privacy and takes a principled approach to safeguarding personal information. Our strong commitments to privacy, security, compliance and transparency ensure you can trust the digital technology that we provide and you rely on. Microsoft’s broad portfolio of enterprise cloud services and endpoint solutions has many robust and certified security and privacy capabilities to help companies meet their GDPR obligations and we’re committed to being GDPR compliant across our cloud services when enforcement begins on May 25, 2018. Our technology capabilities combined with EY’s process transformation, compliance audit experience and people-oriented approaches will enable us to develop innovative solutions that together drive greater value for our customers.”

The alliance between EY and Microsoft, announced in 2015, leverages the combined strengths of both organizations for jointly-developed offerings. Recently, EY announced new joint offerings with Microsoft on cyber managed services and a service to help companies run their SAP® software environments securely on the Microsoft Azure cloud platform.

- Ends -

Note to editors

About EY

EY is a global leader inassurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets andin economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

This news release has been issued by EYGM Limited, a member of the global EY organization that also does not provide any services to clients.