Date Published 24 Oct 17
Our strategy talk aims to bust some of the myths that have developed around the General Data Protection Regulation (GDPR). We think that it’s time to bring more clarity to the table before the new law comes into effect on 25 May 2018, given some of the misinformation, confusion and outright scaremongering out there – some of which, it must be said, seems commercially driven.
Any regulation has some sort of impact on an organisation’s resources. That’s unavoidable and GDPR is no different to any other new legislation in that respect. But some of the misconceptions we have heard, indicate unnecessary concern and the wrong mindset to preparing for GDPR compliance. What should be recognised is that GDPR is a transformation opportunity in the way we use data about our staff & consumers. In return for that opportunity it demands more of organisations in terms of accountability for their use of personal data and enhances the existing rights of individuals.
If you already have an effective data governance programme in place, then you are already well on the way to being ready for GDPR. Many of the fundamentals remain the same and have been known about for a long time. Fairness, transparency, accuracy, security, minimisation and respect for the rights of the individual whose data you want to process – these are all things you would already want to do with data to enhance your relationships with your most important stakeholders.
The principles are essentially the same whether you are a small business or a multinational corporation. It is not the size of the organisation that’s relevant more the internal practices & types of data processing activities. For those handling particularly sensitive data, or processing personal data through the organization, 3rd parties or suppliers in potentially insecure ways, for example, good data governance is key to compliance.
Whatever the size of your organisation, GDPR is essentially about trust. Building trusted relationships with employees & consumers will enable you to sustainably build your use of data and gain more value from it. By transforming their data handling culture, organisations can reduce misuse risk. Failing to get data protection right is likely to damage your reputation, your customer relationships and, ultimately, your finances.
If they haven’t done so already, organisations should plan each step and move forward in a prioritised manner that suits their business, rather than believing the fashionable jargon that this is a leap into uncertainty & the unknown.
If you would like to find out more about how we can help you with GDPR please visit our website, http://www.gemserv.com/information-security/data-protection-gdpr/
Please complete the below form