Guide to enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform

THIS TOPIC APPLIES TO: yesSQL ServeryesAzure SQL DatabaseyesAzure SQL Data Warehouse yesParallel Data Warehouse


On May 25, 2018, a European privacy law is due to take effect that sets a new global bar for privacy rights, security, and compliance. The General Data Protection Regulation, or GDPR, is fundamentally about protecting and enabling the privacy rights of individuals, and establishes strict global privacy requirements governing how personal data is managed and protected, while respecting individual choice.

Microsoft SQL customers who are subject to the GDPR, whether managing cloud-based or on-premises databases or both, will need to ensure that qualifying data in their database systems is aptly handled and protected according to GDPR principles. This means that many customers will need to review or modify their database management and data handling procedures, especially focusing on the security of data processing as stipulated in the GDPR.

Microsoft SQL-based technologies offer many built-in security capabilities that can help reduce risks to data and improve the protection and manageability of data at the database level and beyond. This paper examines these capabilities and shares some of Microsoft's own approaches using Microsoft SQL for achieving the data privacy goals of the GDPR.

Writer: Ronit Reger

Technical Reviewers: Conor Cunningham; Joachim Hammer; Shai Kariv; Julie Koesmarno; Alice Kupcik; Ron Matchoro; Gilad Mittelman; Dan Rediske; Tomer Weisberg

Published: May, 2017

Applies to: SQL Server (all versions), Azure SQL Database, Azure SQL Data Warehouse, Analytics Platform System

To review the document, please download the Guide to enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform document.