Data pro­tec­tion impact assess­ment for the use of Micro­soft 365

Free Public Edu­ca­ti­on Template

Public edu­ca­tio­nal insti­tu­ti­ons that use Micro­soft 365 are gene­ral­ly respon­si­ble for imple­men­ting data pro­tec­tion requi­re­ments them­sel­ves. Accor­ding to Artic­le 35 of the Gene­ral Data Pro­tec­tion Regu­la­ti­on (GDPR), they are obli­ged to check whe­ther a data pro­tec­tion impact assess­ment (DPIA) is requi­red and, if so, to per­form it. With the help of our free tem­p­la­te for a data pro­tec­tion impact assess­ment (DPIA) for the use of Micro­soft 365 by public edu­ca­tio­nal insti­tu­ti­ons , we sup­port data con­trol­lers in asses­sing and docu­men­ting data pro­tec­tion risks and sui­ta­ble reme­di­al mea­su­res. As a result, the use of Micro­soft 365 by a public edu­ca­tio­nal insti­tu­ti­on may be per­mis­si­ble under data pro­tec­tion law if a sui­ta­ble sel­ec­tion of risk-reducing tech­ni­cal and orga­ni­sa­tio­nal mea­su­res is implemented.

For more infor­ma­ti­on on data-protection-compliant use of Micro­soft 365, see our one-pager on Micro­soft 365 data pro­tec­tion com­pli­ance and our five tips for data-protection-compliant use of Micro­soft 365 by public sec­tor enti­ties. Feel free to get in touch with us at any time if you need our sup­port in using Micro­soft 365 in a data-protection-compliant man­ner or if you have any ques­ti­ons. We would be hap­py to explain our pro­ce­du­re to you in detail in a per­so­nal meeting.