SIX INSIGHTS INTO EUROPE’S DATA PRIVACY REGULATION
A year has passed and it’s a good time to reflect on how your company has responded to the introduction of GDPR.
It’s easy to believe that it was a lot of noise about nothing – but the reality is that over the past 12 months the European data protection agencies have issued over €50m in fines for data breaches from more than 200,000 reported cases. The ICO, in London, is also reporting a +100 per cent increase in public complaints.
So, if you are about to celebrate ‘the passing’ of GDPR, think again. The regulators are just warming up and data privacy is likely to remain on your business agenda for some time to come.
If you need help with what GDPR means for your business, here’s a few helpful insights; and if GDPR compliance is still on your ‘to do’ list’; it’s not too late – please give us a call.
Insight 1 – GDPR compliance certification doesn’t exist… yet
A GDPR Compliance Certification Programme is being developed but it hasn’t been released. In the meantime, organisations must demonstrate their compliance.
Insight 2 – GDPR is not only about IT or Legal
Of course, IT and Legal are important, but at its core, GDPR is a business risk problem. Why? Because it touches almost every part of your organisation. You can’t afford to focus on using just one set of expertise. You need multidisciplinary business support.
Insight 3 – GDPR has nothing to do with EU citizenship
GDPR has nothing to do with EU citizenship or residency. It doesn’t matter what your citizenship is or where you live. If your personal information is processed by a European entity, inside or outside the EU, you have rights under GDPR.
Insight 4 – The Data Protection Officer protects the Data Subjects
The Data Protection Officer (DPO) is an important role under GDPR. The position is also protected. The DPO is the ‘voice of the data subjects’. The role carries the serious obligation of warning businesses when their activities are likely to contravene the regulation and the rights of Data Subjects.
Insight 5 – GDPR is a barrier to business
It’s not. GDPR has evolved because more and more people are using connected devices and services. GDPR doesn’t stop you providing those services, you just have to go about it in a responsible manner. It’s about building greater trust and confidence with your customers.
Insight 6 – GDPR is the regulatory outcome of digital transformation
GDPR is the regulatory outcome of digital transformation. GDPR is bigger than GDPR. It is also bigger than compliance. Once you understand this, you will understand why the regulation needs to be fully imbedded throughout all operations. It is as much about culture change, as it is about regulatory compliance.
ID is a pureplay specialist providing expert consultancy in Data Privacy, INFOSEC and Digital Transformation Solutions. ID Solutions deliver a wide range of commercial, operational and technical support that enables clients to achieve the fitness, agility and strength they need to succeed in the digital marketplace.
For your FREE consultation:
Tel: +44 (0) 2890 151 043