Archive for the ‘Microsoft Dynamics Ax’ category

VAT update Qatar, KSA

September 10th, 2019

On 23 May 2019, Qatar’s General Tax Authority (GTA) disclosed to tax advisors in Qatar a new online tax management system known as “Dhareeba.” The new system should be available to taxpayers near the end of 2019, with all taxpayers expected to be registered before 1 January 2020, at which time Dhareeba will replace the current Tax Administrative System (TAS). PwC Qatar was invited to go through its own registration as a ‘pilot’ exercise during the last week of July 2019.

The Qatar General Tax Authority (‘GTA’) has redesigned the Tax website, allowing it to be operational in both English and Arabic. The website aims to provide vital information regarding any new taxes which may be implemented, particularly emphasizing the Excise Tax which came into effect on January 2019.

VAT is widely expected to be introduced on 1 Jan 2020. Synergy support several companies in Qatar and has a local registered company there. If you need assistance with planning VAT implementation for Dynamics Ax./Dynamics 365 Finance and Operations, or Infor SunSystems then please contact us. we have already undertaken numerous VAT projects In the GCC.

You will find much useful advice in our previous blog posts.

Meanwhile today the International Monetary Fund (IMF) has suggested that the value-added tax (VAT) should be doubled from 5% to 10% in Saudi Arabia in consultation with the other Gulf countries. Analysts expect the hike in VAT rate will come only after 2021 once Kuwait and Oman will also be ready to implement it and as a customs union, the increase makes sense across the GCC countries.

The UAE and Saudi Arabia introduced the 5% value-added tax from January 2018 and both the countries surpassing their tax collection targets. So this proposed increase seems odd because it has already impacted businesses more than expected.

The Kingdom’s non-oil revenues last year increased by 59%, buoyed by the VAT, excises, expatriate levy, and proceeds from the settlement agreements. IMF estimated that the VAT rate increase will add 2.0% to the Kingdom’s GDP in 2024.

Of course, as a customs union, it is logical that GCC countries would seek to keep their VAT rates harmonized in order to prevent tax arbitrage opportunities emerging within the GCC.

Dynamics 365 rated highly by Nucleus Research for 2019

September 9th, 2019

Power BI wave 2 Oct 2019 – what’s new preview

August 18th, 2019

The 2019 release wave 2, 2019 release wave 2 -planned to release in the time frame October 2019-March 2020 – brings to market significant new capabilities to enable digital transformation for businesses. For Power BI, these new capabilities include:
Unified platform for enterprise BI
• Data Protection (Preview)
• Shared and Certified Datasets
• Data lineage capabilities (Preview)
• Open platform connectivity (XMLA Read/Write) (Preview)
• Datasets larger than 10GB in Power BI Premium (Preview)
• Admin usage metrics
• Unattended Power BI template app installation

Self-service analytics for everyone
• New experience for report consumption
• Home customization
• Mobile Home

Gartner recognized SnapLogic as a Visionary in its Data Integration Magic Quadrant

August 7th, 2019

Gartner recognized SnapLogic as a Visionary in its Data Integration Magic Quadrant! This comes on the heels of being recognized as a Leader in three top analyst reports for the best integration platform as a service (iPaaS) solutions – the Gartner Magic Quadrant, Forrester Wave, and G2 Crowd Grid.
We believe these collective recognitions testify to the fact that SnapLogic is unrivaled when it comes to integrating cloud applications and on-premises data in one unified platform.

Gartner commended SnapLogic for:
• Our powerful integration convergence and augmented data integration delivery
• Our easy accessibility to diverse user personas
• Our pricing model simplicity and trial version

Synergy Software Systems is a Middle East partner. . This solution speeds up deployment of complex solutions with multiple jntegrations and significantly improves and simplifies the management and maintenance of integrations.

Whether for EDi to Odette standards for the automotive sector, or for streaming high volumes of data, or for ETL processes to bring data from multiple, enterprise systems into a data lake or Enterprise BI or Corporate performance management system, Snap Logic provides a multitude of pre built “Snap integrations: for a low code, configuration approach to integration.

Synergy Software Systems has provided integrated solutions in the region. Digital revolution is proving new opportunities and challenges. Robotic Processes Automation, Predictive analytics, ML AI, IoT, RFID, cloud services, data lakes, and mobility are now standard components of any solution. However digital revolution also requires agility and rapid robust deployment and ease of update and maintenance. Integration ETL, and streaming data from multiple systems at enterprise scale needs a new ‘productized’ low code approach to integration.

Snaplogic is a key tool for successful agile deployment of Enterprise integration, Corporate Performance management, EDI, BI and RPA solutions.

There are already major clients deploying Snap Logic in the UAE.

To learn more . Call us on 00971 43365589

“Disbursements & Reimbursements’: U.A.E. – VAT clarification

July 31st, 2019

The Federal Tax Authority (‘FTA’) has released a Public Clarification on “Disbursements & Reimbursements” which addresses how to distinguish reimbursements and disbursements, and to clarify the applicable VAT treatment.

U.A.E. businesses incur expenses and subsequently recover such expenses from another party. The VAT treatment of the subsequent recovery of expenses depends on whether the recovery is a “disbursement” or a “reimbursement”.

The first step to determine whether a recovery is a disbursement or reimbursement is to establish whether you have acted as a principal or an agent in purchasing the goods or services

General principles to determine the VAT treatment of such recoveries:
Where a taxable person acts in the capacity of an agent, the recovery would generally amount to a disbursement.
A disbursement does not constitute a supply and is,therefore, not subject to VAT

Where a taxable person acts in the capacity of a principal, the recovery would generally amount to a reimbursement.
A reimbursement is part of consideration for the supply and follows the same VAT treatment as the main supply.

Principles

* The other party (from who you are recovering such expenses) should be the recipient of the goods or services;

* The other party should be responsible for making the payment to the supplier;

* The other party should have received an invoice or tax invoice in their own name from the supplier;

* The other party should have authorized you to make the payment on his behalf;

* The goods or services paid for should clearly be additional to the supplies you make to the other party;

* he payment should separately be shown on the invoice and you should recover the exact amount paid to the supplier, without a mark-up.

* You should have contracted for the supply of goods or services in your own name and capacity;

* You should have received the goods or services from the supplier;

* The supplier should have issued the invoice in your name;

* You have the legal obligation to make payment to the supplier;

* In case of goods, you should own the goods prior to making any onward supply.

Examples

Company A procured group medical insurance from a local insurance company and received an invoice directly from the insurance company.

* Company A requested Company B to make the payment on its behalf.

* The subsequent recovery of the amount by Company B from Company A will amount to a disbursement, and would not be subject to VAT.

* Company A should ensure that the Tax Invoice is addressed to it from the insurance company and should recover the input tax through its UAE VAT return, subject to the normal input tax recovery rules.

Company A entered into a contract with Company B to provide marketing services.

* The contract stipulated that Company A would be eligible to reimburse the expenses from Company B.

* Company A incurred the expenses in its own name and subsequently recovered the amounts from Company B as per the terms of the contract.

* The recovery of expenses from Company B would follow the same VAT treatment as that of the main supply.

We recommend;

* Identify the nature of your contract and agent/principal relationships (if any) based on the above principles;
* Ensure that all disbursements have proper authorizations (contracts); and
* Re-view all inter-company disbursements/ reimbursements (cross-charges).

Dynamics 365 license changes – from 1 October 2019

July 22nd, 2019

There was a lot of exciting product and technology news form Microsoft’s Inspire event in Las Vegas this month.
Not so inspiring for many of the audience was the announcement of changes in licensing to take effect as early as 1 October this year.

if you are an existing Dynamics 365 customer on the cloud for any app then you are affected, as are those intending to buy.

For now there is no change to on-premise licenses (some D365 apps are only available on the cloud).

Effective October 1 , 2019, Customer Engagement Plan, Unified Operations Plan, and Dynamics 365 Plan
SKUs will be removed from all price lists. Finance and Operations will be split into individual applications – one for Supply Chain Management, and one for Finance. This change will enable customers to purchase suitable core workload application(s) for individual user
needs going forward.

Core workload Business Applications are Sales, Customer Service, Field Service, Project Service Automation, Supply Chain Management, Finance, Retail, and Talent. The current plan offerings for :Customer Engagement Plan, Unified Operations Plan, and Dynamics 365 Plan be removed from all channels and for all licensing segments.

The new ‘ la carte’ approach is user license (USL) based.

Base license: the first Business Application purchased at the standard price.
Attach licenses are the additional USL application(s) at a flat price of:
$20 per Customer Engagement application
or
$30 per Unified Operations application.

• Each Attach license can only be assigned to a user with the prerequisite Base license.
• When purchasing multiple Business Applications, the Base license must be the higher priced license.
• Each user may only have one Base license.
• Attach license:USL application(s) incrementally purchased after the Base license. Users may have
as many Attach licenses as needed.
• Base and Attach licenses are identical in their core capabilities and are only differentiated in price. .

Business Applications that can’t be purchased as Attach licenses:
Core workload Business Applications:
• Project Service Automation
• Marketing
• Talent
Non-core workload applications:
• Customer Insights
• Microsoft Relationship Sales solution
• Sales Insights
• Marketing Additional Application
Customer Service Chat
• Resource Scheduling Optimization
• comprehensive hiring
• Order Lines
• Forms Pro
• All capacity add-ons

Customers seeking one Business Application per user should only purchase a Base license per user.
Single Business Applications priced between $50-$180 are less expensive than Customer Engagement Plan ($115) or Unified Operations Plan ($190) today.

For existing customers there is no immediate change to customers’ existing agreement. They can true up seats at the renewal anniversary as required. At renewal (after the beginning October 2019), customers must renew on the new Attach construct. They must have a qualified Base license for each user and assign the additional Attach licenses to their multiple application users as required. Its possible that someone will be able to use lower cost licenses.

Supply Chain Management, Finance, and Retail apps have a 20-user minimum purchase requirement. There is a difference between CE and CSA licensing in this respect..

There is no change in dual use rights. Dual use rights vary by application.

Power Bi new installers – be ready to change your upgrade scripts

July 20th, 2019

Currently, Microsoft builds and publish 84 different .msi files for installing Power BI – a 32-bit and a 64-bit one for each of the 42 languages it supports/

They have just completed work to wrap these into two installers (32- and 64-bit), which will give users the ability to change the language of the UI and model without having to install a new version.

An enterprise administrator who manages the rollout of Power BI Desktop to users in multiple languages will find this much easier.

You can get the new single installer at https://aka.ms/pbiSingleInstaller, and you still find the separate MSIs for each language at https://www.microsoft.com/download/details.aspx?id=45331.

The MSIs will continue to be available (and updated each month) until the September update, after which only the new single installer will be available.

If you have scripts that pull new versions of Power BI Desktop from the Microsoft Download Center, need to be update to point to the new location before October 1st

SQL Server 2008 and SQL Server 2008 R2 -OUT OF SUPPORT today

July 13th, 2019

SQL Server 2008 and 2008 R2, both of these versions of SQL server go out of extended support with Microsoft today 9th July 2019

Many companies and businesses are still SQL Server 2008 R2 and below. There can be a number of reasons for this, maybe the applications the databases support require an older version of SQL Server, maybe the applications are also coming to the end of life, but the end dates do not match up with the data platform end of support dates.

Sometimes applications are critical to the business and everything works just fine. The business doesn’t want to disrupt the application or introduce any risk by performing a migration to a new version so why change it?

In this situation your data platform is out of support completely. Out of support system attract hackers. Note the previous articles about fines for loss of privacy data to realise how serious this can be

So you should be making plans to migrate your legacy SQL Servers off the unsupported versions. It is likely if you are still on an old database that you are also on an old server and on an old version of Windows. That gives additional risk of failed hard disks, other system vulnerabilities – Meltdown, Spectre? Phishing…….
Investors and insurers are not likely to be sympathetic in such circumstances.

There are many performance and security benefits of upgrade.

If you decide to run on out support software and take the risk associated with running on out of support software. The main advantage of this approach is there is nothing immediate to do. The longer you run on the platform the greater the chances of you encountering a security vulnerability or failing a compliance test.
If anything does go wrong you’ll have no support from Microsoft.
Other software vendors support contracts may also require that you be on a currently supported database

Modernise and upgrade is one of the options that you have available.

You can upgrade your on premises SQL Server or migrate the databases to Azure either as IaaS solution where you run the VM in Azure or even the PaaS Azure SQL database offering

There are number of advantages to upgrading your data platform. You’ll be running your database workloads on an in support data platform, with a long support window. There will likely by new features in the latest and greatest version of SQL Server that you can use to add business value to your application – Availability Groups for example. Also you will likely find people with skills in the later technology, those skills will be more readily available in the jobs market.

There will likely be a different licensing model – the licensing model changed between SQL Server 2008 R2 and SQL Server 2012 – it possible you will have to pay more for you SQL Server licences.

The third option is instead of doing nothing you pay for a custom support agreement. The main advantage here is you can continue to get security updates and therefore potentially remaining compliant. The main disadvantage of this approach is the cost involved, which is typically 75% of the full license costs of the latest version of SQL Server and Windows Server.

Migrate workload to Azure. Microsoft allow SQL Server 2008 and SQL Server R2 VMs running in Azure to have the security updates for free for a further 3 years. So you can migrate your database server to azure and continue to get security updates for free until 2022.

The main advantage of this is you get to keep running the same version of the OS and Data platform, the security updates are free so the cost is minimal \. The disadvantages is you would need to move off premises, if this is not an option for you then you can’t exercise this option and there will still be work in involved in ‘lifting and shifting’ the VM to the cloud.

Whatever you do when support ends for SQL Server 2008 and SQL Server 2008 R2 have a plan

Oman and VAT – Ask Synergy Software Systems to help prepare and update your systems

June 30th, 2019

Oman government representatives have said that the state is looking to implement a 5% VAT regime from 1 September 2019. In 2017,
it signed the Gulf Cooperation Council VAT Framework Agreement, which included: Saudi Arabia, Qatar, UAE, Bahrain and Kuwait. Local media reports in March 2019 quoted a senior official from Oman’s Ministry of Finance as saying that the date of implementation of VAT in Oman is under review. The official reportedly indicated that the target date had been 1 September 2019 but that this is not confirmed, although the intention clearly remains to implement VAT as early as possible. Businesses should take this as a cue to continue their VAT implementation plans in Oman, or restart and reinvigorate those if the work has been put on hold.

A key lesson from our experience of VAT implementation projects in UAE, KSA and Bahrain, across more than 100 companies is that companies that started their VAT planning and implementation projects early had a smoother transition to VAT, than those that waited for the final publication of the domestic law and regulations. A ‘wait and see’ approach backfired on many businesses in the UAE, KSA and Bahrain where there was minimal time between the release of the law and regulations and the go-live date for adequate training, data preparation and testing, and a shortage of resources in the market to cope with the backlog.

There are practical steps to take now. the first is to form an internal VAT working group of key stakeholders to monitor developments in VAT and ensure that VAT is on the Board agenda and is included in budget discussions. The working group will be best placed to negotiate professional services to support implementation, to train end users, and to define test scenarios, etc.

Next ensure there is VAT awareness is key – customers, vendors, and staff. Many in the region have never dealt with VAT, and a solid understanding of the mechanics, scope and terminology of the tax takes time, and that is a necessary foundation for the next steps.

Document your transaction flows . VAT is a transaction tax, with each transaction triggering a potential VAT consequence. This will help you to identify: software changes, processes to update, training needs, data collection needs, commercial document redesign, financial report redesign etc.

Review Contract to ensure they are ‘future proofed’ for the introduction of VAT. For example, to identify whether they include suitable clauses allowing VAT to be charged in addition to contractually agreed prices. The UAE VAT law clearly mandated that communication be sent to all customers within a specific timeline stipulating whether their contracts will be treated as exclusive of tax, failing which customers can dispute the tax being charged in the contract. Therefore, revisiting contractual obligations for both customers and vendors and determining cutover dates, incorporating tax clauses and revising prices and quotations will play a pivotal role to safeguard the business interests of all parties to a contract.

There will be transactions which are closed before the go-live date, and there will be instances where payment is received post the go-live date or where the supply is scheduled post the go-live date, but where the relevant invoices are paid prior to it. Failure to assess and communicate/agree on the VAT impact between all parties to the transaction on such spillover transactions might increase the cost of such transactions and either of the parties may be out of pocket in such scenarios, and there may be unwelcome friction with trading partners, if not managed.

IT infrastructure will be the ‘backbone’ of the VAT compliance function from issuing VAT compliant invoices to producing the VAT return.

Identify VAT resource requirements, particularly external consultants and auditors. Skilled VAT resources are drawn from a diminishing pool of individuals. Take advantage of the experience gained by service providers implementing in Dubai, KSA and Bahrain. There are many wrinkles, not immediately obvious.

Industry associations can raise common issues and concerns with the Ministry of Finance, particularly in advance of the formal publication of the VAT law.

While you can choose to defer VAT implementation be ready to demonstrate to your owners/investors/respective boards and shareholders, that you have done so only after undertaking an appropriate level of due diligence of the likely preparation of the VAT environment. Some key areas include:

Upgrades to ERP systems and user acceptance testing Reporting
Timely VAT registration, (company by company or at Group level?)
Timely Collection of Tax registration numbers for Trading partners
Timely returns, accrual and and payment of taxes
Scoping the need for professional service and selection/references, time for reaching agreement with partners.
Unforeseen penalties
Cash flow management – how will this change? the delayed inflow on account of receipts from customers; outflow after the discharge of tax liabilities on supplies without consideration/deemed supplies (if any); outflow on account of payment to vendors; and additional outflow due to the payment of taxes (net of input tax recoverable) to tax authorities.

Tracking changes in law/ public clarifications

Some businesses in the UAE and Saudi Arabia faced challenges when ERP systems were not implemented in time to capture VAT on transactions or to generate customised VAT payable or receivable reports. The first quarter of the respective VAT regimes required substantial manual effort to properly account for transactions.

Another hurdle was training staff on the upgraded ERP software as well as new reporting standards

In a test system for financial or erp system, for training and requirement scope you could get early familiarity with the Dubai or KSA framework – there are unlikely to be major changes in the Oman framework.

If you current system is largely manual, or has significant limitations then now be the time to plan for upgrade, or reimplementation or a new system. The UAE VAT law has a penalty provision whereby every incorrect invoice can trigger an AED 5,000 fine (approx. OMR 500), irrespective of the value of the invoice. Exposure to these fines can be significant in industries where high volumes of transactions are made per day, for example the retail, utilities and banking industries. Compliance depends on a robust system and operations preparedness. The audit trail of the process, and other documents, help to ensure correct and timely filing of the returns as well as avoiding any unwarranted penalties.

Businesses across the globe tend to see a fall in demand where the display prices on products do not include VAT, specifically in the case of products which are price sensitive. The implementation of a new indirect tax law will have an impact on turnover and consumer preferences. Some prices ma need to be rounded up or down. You may need to show VAT separately, item by item on a receipt or invoice – is your software able to do that?

Given that the potential VAT rate in Oman may vary between 5 per cent, exempted, non-taxable and zero-rated, businesses should ascertain the price impact of VAT on imports which are recoverable and non-recoverable, final product pricing and alternative sourcing if imports are expensive, and vice versa.

Calorie display on Dubai menus – are you ready? Ask Synergy Software Systems.

June 30th, 2019

It will soon be mandatory to display the caloric value of each and every item in the menu, in whichever form it is. The Food Safety Department announcement is that:
All food outlets in Dubai have to display calorie content of ready-to-eat foods by January 1, 2020.
An early deadline of November 1, 2019 is set for establishments with more than five branches to implement it.

The circular and guidebook is posted on municipality’s portal www.dm.gov.ae and has clear instructions for labelling nutritional value with examples for manual calculation in Excel-sheet templates.

The department will verify the accuracy of the calculations through auditing. It will also at a later stage, provide an electronic-platform for computing the calories

Eateries, including fast food chains, must display caloric value of food items either on the menu or at the point of sale. There are some establishments that already declare calorie content on packaging, flyers, tray mats, websites etc. However, the municipality wants everyone to display the caloric value, against each item in the menu from which diners choose items at the point of sale. When there is no menu, then it should be in the menu boards or the menu displayed on tablets — basically, whichever form of the menu which the consumer checks for choosing the food.

Dubai eateries will have options how to calculate calorie contents for display in the menus to comply with a new regulation that aims to help diners make informed choices. For most a software package will be administratively simplest to ensure compliance.

For online menus displayed for food ordering services, the rule will not be mandatory, for the time being, since the department is not regulating electronic platforms for food delivery.

Dubai Municipality says that Food establishments in Dubai should declare in their menus the calorie content of all ready-to-eat food items.

The primary objective of the rule is to help diners make healthy food choices for reducing obesity and related diseases. The Food Safety Department of Dubai Municipality hopes to make a big difference in food decisions taken by diners just with the knowledge of how much of calories they consume.
The population of Dubai is three million. As per our calculations, we expect more than one billion food decisions to be based on the calorie count displayed in menus in a year,” Iman Ali Al Bastaki, Director of the Department
.
During the six months of the World Expo 2020 starting on October 20, 2020, Dubai expects to welcome 25 million visitors. Hence, the number of food decisions taken based on displayed calories is expected to be multi-billion during the Expo.

For example, a food outlet making a traditional meal with a lot of oil will have to display a high caloric value for the meal. When consumers prefer to go for another meal with less calories or a smaller portion of the same meal, the establishment will encourage its chefs to reduce the use of oil, thereby reducing the calories and providing a healthier meal.

Dubai, is the first emirate in the UAE to implement such a rule. It referred to similar practices in countries like the US and Canada. Dubai already has a system of nutrition labelling that displays all nutritional values in packaged food items e.g.: sugar, sodium, fat.

For cooked or prepared food that is ready-to-eat, the first step in declaration is the basic declaration of calories. The municipality wants to ensure the readiness of the market before moving to the next level of detailed nutrition labelling in cooked foods.

This is part of a holistic approach that Dubai Municipality has been working on to improve health and to reduce obesity and diabetes in Dubai that include healthy meal project in school canteens, an initiative to reduce salt and sugar content in bakery items and verification of claims about healthy food items.

With over 100 branded hotels and industrial caterers, and other food producers as our customers we have more than 20 years extensive experience in the F@B area, and our solution for nutrition data is widely adopted.

If you need, a software solution or to integrate our nutrition data to your erp system or F@B software, then contact us to learn more about our solutions.

Synergy Software Systems: 00917 43365589
Deyafa Systems: 00971 4 3240066

Electronic health data originating in the UAE – Federal Law No. 2 of 2019 (the Law)

June 26th, 2019

Important changes for anyone who collects, processes or transfers electronic health data originating in the UAE.

Besides a host of new data protection measures and new rules around use of a centralized database managed by the United Arab Emirates (UAE) Ministry of Health, a general prohibition on transferring health data outside the UAE has a significant impact on healthcare service providers and life sciences companies operating locally.

Cloud based health solutions which involve collection, storage and processing of health data, such as wearables and health monitoring apps, may be particularly affected. It is imperative for companies operating in the sector to carefully monitor developments.

On 6 February 2019, the President of the UAE issued Federal Law No. 2 of 2019 (the Law) which regulates the use of information technology and communications (ITC) in the healthcare sector. This Law:
• aims to raise the minimum bar for protection of health data and to introduce certain concepts which are on a par with best international practice in information law;
• supports the legislative trend towards localization of sensitive categories of data;
• paves the way for centralized health data capture and analysis to support public health initiatives conducted by the UAE Ministry of Health.

The Law was published in the Federal Gazette on 14 February 2019 and will come into force three months from publication. (May2019). The implementing regulations which will provide further details on its application are to be issued within six months from the date of publication.

The law is the first Federal data/privacy law of its kind in the United Arab Emirates albeit limited to healthcare data.

The law prescribes 31 articles and its application is wide both in terms of geographical spread and industry sectors. The law covers the entire United Arab Emirates (UAE) including its Free Zones and will impact on many sectors including local healthcare regulators in the different Emirates as well as all sectors dealing with healthcare data/information.

The health authorities in each local emirate are empowered to establish the rules, standards and controls for their own electronic data and health information systems, such as the methods of operation, exchange of data and information and their protection, as well as access to and copying of data and information

The Law applies to all entities operating in the UAE, whether onshore or from one of its free zones (including Dubai Healthcare City), which provide:
• healthcare services;
• health insurance services (including insurance brokers or providers of related administrative services);
• healthcare IT services; or
• any other services, directly or indirectly, related to the healthcare sector, or engaged in activities that involve handling of electronic health data.

1. Regulation of health data

The scope of the Law is broad – it regulates the processing of all electronic health data regardless of its form, including names of patients, information collected during consultation, diagnosis and treatment, alpha-numerical patient identifiers, common procedural technology (CPT) codes, images produced by medical imaging technology, and lab results among other types of data.

2. Prohibition on storage of health data outside of the UAE

The Law formalizes the longtime informal regulatory policy that health data must be processed and stored inside the UAE. Critically it provides that such data may not be transferred outside of the UAE, except where an exception is issued by the relevant heath authority. The Law also prohibits the creation of health data outside of the UAE which relates to health services provided inside the UAE. Accordingly, cloud solutions hosted out of country, outsourcing of IT services to overseas locations, remote IT support from other departments within multi-national Healthcare Service Providers and remote collection and monitoring of patient information within the UAE, such as heart rate, sleep patterns, or steps walked, from outside the UAE through apps and wearables may be significantly impacted.

The Law envisages certain exceptions to the default data localization requirements. These will be set out in subsequent ministerial resolutions or the implementing regulations.

3. Minimum standards for processing of health data

In addition to reinforcing the duty of Healthcare Service Providers to maintain the confidentiality of health data, the Law introduces a number of concepts similar to overseas data protection frameworks. For example:
• Purpose limitation: Patient information must not be used other than for the purpose of the provision of health services, except with the prior consent of the patient;
• Accuracy: Healthcare Service Providers must ensure that the health data processed is accurate and reliable;
• Security measures: Healthcare Service Providers must put in place measures to protect health data and to prevent its unauthorized processing, damage, alteration, deletion or amendment; and
• Non-disclosure/patient consent: The Law reiterates existing obligations not to disclose patient data to any third party without the prior consent of the patient.

4. Retention period

Health data must be retained for a minimum period of 25 years from the date on which the last procedure on the patient was conducted, or as long as is necessary if longer.

5. Centralized data management system

A new centralized data management system (DMS) will be established and operated by the UAE Ministry of Health to facilitate access to, storage and exchange of health data. Healthcare Service Providers are required to register to access the DMS and identify all members of personnel who are authorized to access it.

6. Website blocking for advertisement or licensing violations

The UAE Ministry of Health is entitled to instruct the relevant local or federal health authorities to block any website, whether inside or outside of the UAE that does not comply with the regulations applicable to healthcare advertising or which provides healthcare information without a license or permission from the UAE Ministry of Health.

The only circumstances in which a patient’s information may be used or disclosed without the patient’s consent are:
• to allow insurance companies and other entities funding the medical services to verify financial entitlement;
• for scientific research (provided that the identity of the patient is not disclosed and applicable scientific research standards and guidelines are complied with);
• for public health preventive and treatment measures, for example. in the case of a public health crisis;
• at the request of a competent judicial authority; or
• at the request of the relevant health authority for public health purposes including inspections.

There is a delicate balance to be struck between the potential benefits of this practice and the protection of each individual’s right of privacy. Where to draw the line in this assessment remains a topic of discussion between industry stakeholders and regulators, particularly in light of high profile breaches in recent years such as the collaboration between the Royal Free London NHS Trust and Google Deep Mind to identify patients at risk of kidney disease, or in the context of using health data for secondary research purposes. In January 2019 the European Data Protection Board issued its opinion on the European Commission’s draft Q&A on the interplay between data protection under the EU General Data Protection Regulation and clinical trials regulation. Wewait for the Law’s implementing regulations to see what position the UAE authorities will take on this sensitive issue.

As well as certain penal sanctions for breach of key requirements, such as the data localization obligations, the Law sets out a number of overarching disciplinary sanctions for breach of its provisions. These sanctions range from warnings to fines of AED 1 million and/or cancelling the breaching company’s permit to use the DMS.

Typically, access to centralised systems – such as the planned healthcare system – is facilitated by open APIs (application programme interfaces) made available to third party suppliers of IT systems which access the system. Where those IT systems already exist and are in use (under contracts between healthcare providers and the suppliers), technical changes to the systems will be required.

Some businesses will need to revisit their business procedures to comply with the Law. We recommend that companies affected by the Law:
• Keep up to date with the executive regulations setting out further details
• Ensure IT systems are capable of interacting with the central IT system
• Complete necessary administrative steps to obtain access to the central IT system, such as registration / licensing requirements
• Have technical and organisational processes in place to ensure that all patient data is treated confidentiality, kept secure, kept accurate and uncorrupted, not used for other purposes and retained as required
• Not transfer or store any patient data outside the UAE unless authorised to do so by a resolution issued by the local health authority
• Conduct a data mapping exercise to identify what type of health data is held, where it is processed and with which third parties it is shared.
• Where such third parties are based overseas, take steps to cease the transfer of health data to them, or to anonymize / denonymize the health data transferred;
• for any health data which cannot be anonymized / denonymized due to the nature of the processing activities, source alternative third party service providers to conduct the processing of that data within the borders of the UAE
• review contracts with third party service providers which process personal data and ensure that the contractual obligations for data processing and information security are sufficient to meet the new requirements of the law
• consider contracting obligations on service providers to support compliance with the law, such as annual rights of audit;
• add a step to the existing compliance sign-off process prior to adoption of new operational processes and business lines to ensure that no health data leaves the UAE and that the minimum statutory compliance standards are met.

June 24th, 2019

Guides is a new solution that works with Microsoft applications based on HoloLens (and, increasingly, mobile and tablet devices) in mixed reality, in four core areas: remote assistance, training, collaborative visualization, and contextual data access, (‘your data in your space’.)

Guides, trains people on how to correctly work with assets in a real-world setting.

Guides can display 3D visuals, training materials, and interactive tasks through HoloLens. It is intended to train workers and measure their performance. It has the ability to capture and store data on their usage history via the Microsoft’s Common Data Service – or in other apps that consume CDS data like Dynamics 365 Field Service or Finance and Operations.

SQL Server 2008 and SQL Server 2008 R2 – end of life July 9, 2019 -ask Synergy Software Systems

June 23rd, 2019

Microsoft has previously announced that SQL Server 2008 and SQL Server 2008 R2 will reach end of life on July 9, 2019.

This means that in less than a month, Microsoft will no longer release regular security updates for the product.

There are several reasons this is important to you.
• Attacks against software products of all types are common and ongoing. With Microsoft SQL being such a prevalent platform, attacks against it are ubiquitous, and it’s important to keep your database platform up-to-date with the latest Microsoft security patches.
• Many compliance requirements dictate that you must be running currently supported software.
• As Microsoft drops support for a product, many third-party applications may also discontinue support for their products running on those platforms.

So, if you are still running SQL Server 2008/2008 R2, then what are your options?

1.Upgrade to a newer version of SQL.
SQL 2019 is in preview release as of this writing, so the current production version of SQL Server is 2017. Its end of life will be October 12, 2027.
Evaluate your applications and databases to make sure they are compatible e.g. Dynamic Ax 2012 is not supported beyond SQL 2016

Plan a migration for either on-premises or cloud. A move to an Azure SQL Database Managed Instance, will not require you to upgrade in the future. By choosing this option, you will also gain access to new features which have appeared in the latest SQL Server versions. However, it only offers subset of SQL features so you need to be sure it will support your application and use.

2.Migrate to Azure to receive three more years of Extended Security Updates for SQL Server 2008/2008 R2. If you need to stay on the same SQL code base for a bit longer, Microsoft will allow you to rehost your SQL 2008 environment in Azure and still provide you with security updates for an extended period. There is no extra cost for the extended updates beyond the standard Azure VM rates.

3.Purchase extended support. Microsoft allows customers with an active Enterprise Agreement and Software Assurance subscription to purchase and receive three years of Extended Security Updates for SQL Server 2008/2008 R2. The annual outlay for the updates is 75% of the full license cost.

4.The least desirable option is to stay where you are and pray. If circumstances prevent you from moving forward now, then at minimum you should:
• Recognize and account for the risk;
•Plan and budget for a transition as soon as possible;
•Re-evaluate your security and tighten it as much as possible.

Microsoft provides guidance for handling the end of support of SQL Server 2008/2008 R2 at https://www.microsoft.com/2008-eos.

Of course, Synergy is ready to help you to evaluate and to progress to the next level. 0097143365589

If you are running newer versions of SQL Server, then here are their End-of-Life dates.
•SQL Server 2012 – July 12, 2022
•SQL Server 2014 – July 9, 2024
•SQL Server 2016 – July 14, 2026
•SQL Server 2017 – October 12, 2027

Windows Server 2008 and 2008 R2, support is coming to an end.

June 23rd, 2019

Sometimes lifecycles end because of age or workload and other times they expire due to vendor support.
In the case of Windows Server 2008 and 2008 R2, Microsoft announced that Extended Support will end on January 14, 2020.

Microsoft provides: Mainstream Support, Extended Support, and Beyond End of Support.

Mainstream Support

Mainstream Support is Microsoft’s first phase of support and lasts five years. It includes the following benefits:
• Incident support (no-charge incident support, paid incident support, support charged on an hourly basis, support for warranty claims)
• Security update support
• Ability to request non-security updates

Extended Support

The Extended Support phase follows Mainstream Support, and also lasts five years. The key features of Extended Support are:
• Paid support
• Security updates at no additional cost
• Ability to request non-security updates (available only via Unified Support, a new model of support that offers comprehensive support that covers your entire organization)
• Microsoft will not accept requests for warranty support, design changes, or new features during the Extended Support phase.

Beyond End of Support

The Beyond End of Support phase is the final phase of the product lifecycle and lasts for three years. Here are the key things to remember.
• Request to change product design and features are not available
• Security updates are available only with the purchase of the Extended Security Update Program for up to three years. This typically costs 75% of the on-premises license cost annually.
• Technical support is provided when you purchase Extended Security Updates and have an active support plan in place on the product that has moved beyond the Extended Support date.

Server 2008 and 2008R2 are moving out of the Extended Support phase on January 14, 2020. From that date on,
non-security updates will no longer be available,
security updates will be available only if you pay for the Extended Security Update Program,
and other vendors will diminish their support of this operating system version.
If you are not prepared, then this will leave your environment open to security holes, application instability, and support restrictions.
If you have not already planned for this then now is the time to get it into your budget for first thing next year.

Synergy certifications

June 22nd, 2019

Happy to announce that our Gold partnership with Microsoft has been confirmed again for the next 12 months.

Recently we have also certified consultants in ABBY the industry leading OCR software.

Earlier in the year we became a gold partner with UIPath the market leading Robotic Process Automation solution, for which Synergy has more than 50% of the certified consultants in the region.

This is part of our commitment to deliver professional service for digital transformation to our clients.