Microsoft has made available Privacy Management for Microsoft 365, a new AI-based solution to help enterprises manage data privacy risks and build a privacy resilient workplace, as well as automate the response to subject rights requests at scale.
Privacy Management is built-into the Microsoft 365 compliance center and is currently available as an add-on to organizations with Office 365 A1/E1/A3/E3/A5/E5 and Microsoft 365 A3/E3/A5/E5 subscriptions.
“With role-based access controls and data de-identified by default, Privacy Management for Microsoft 365 helps organizations to have end-to-end visibility of privacy risks at scale in an automated way.”
From the privacy administrators’ perspective, Privacy Management for Microsoft 365 continuously finds where personal data is stored in the enterprise environment and maps it, allowing them to see an aggregated view of the organizations’ privacy posture; the amount, category, and location of private data; and associated privacy risks and trends over time.
“Data privacy regulations such as GDPR or California Consumer Privacy Act grant consumers the right to know the specific pieces of data that organizations have collected about them. Responding to such requests has been a manual and cumbersome process,” Shilpa Ranganathan, Group Product Manager, Microsoft Security and Compliance, explained.
She also pointed out that Microsoft has also provided APIs to allow customers to integrate with their existing processes and solutions to automatically create and manage subject rights requests in Privacy Management, as well as partenered with several privacy software vendors to extend subject rights management capabilities to personal data stored outside of Microsoft 365 environment.