The General Data Protection Regulation (GDPR), effective May 25, 2018 , is designed to “harmonize” data privacy laws across Europe as well as give greater protection and rights to individuals. GDPR provides for sweeping changes for the public as well as organizations that handle Personally Identifiable Information (PII). Individuals are given new powers over their data, with enhanced rights to access, rectify and erase their data as well as being able to freely request the transfer of their information to other platforms. One of the biggest changes for organizations is the accountability principle (Article 5(2)), which requires companies to implement appropriate technical and organizational measures to protect personal data and to maintain relevant documentation of all processing activities. Full compliance with GDPR cannot be achieved solely through technical means. The scope of the regulation is broad, encompassing a number of organizational and procedural requirements in addition to technical security requirements.

ONgroup’s software products, ONware, when used with Microsoft SQL Server provide the capabilities needed to enable fulfillment of many of these key principles, as described below. However, GDPR compliance will ultimately depend on an effective application of these capabilities throughout your product design and implementation, as well as other organizational and procedural controls to address all articles of GDPR.

For details of GDPR compliance with SQL Server, you can review the Microsoft’s document, https://docs.microsoft.com/en-us/compliance/regulatory/gdpr.