A lengthy investigation into the European Union’s use of Microsoft 365 has found the Commission breached the bloc’s data protection rules through its use of the cloud-based productivity software.
Announcing its decision in a press release today, the European Data Protection Supervisor (EDPS) said the Commission infringed “several key data protection rules when using Microsoft 365”.
“The Commission did not sufficiently specify what types of personal data are to be collected and for which explicit and specified purposes when using Microsoft 365,” the data supervisor, Wojciech WiewiĆ³rowski, wrote, adding: “The Commission’s infringements as data controller also relate to data processing, including transfers of personal data, carried out on its behalf.”
The EDPS has imposed corrective measures requiring the Commission to address the compliance problems it has identified by December 9 2024, assuming it continues to use Microsoft’s cloud suite. READ MORE...
No comments:
Post a Comment