The countdown has begun. In just a few short months the most dramatic changes to our data privacy regulations will be set in law, and firms face potentially business-defeating fines for non-compliance.
The General Data Protection Regulation (GDPR) which comes into force on 25 May 2018 aims to protect an individual’s data and regulate how firms use, process and store that information. Given the sheer volume of data breaches, The European Parliament is hoping the legislation will force firms to examine their data processes and better protect the information within their care.
The headache facing GCs and Data Compliance Officers is gargantuan. Finding and amending every contract that contains an individual’s data, reworking processes to ensure future contracts are compliant and developing a risk-based strategy using technology to prioritise the most vital data is just the tip of the iceberg. Trying to achieve all this within the next few months is a time frame that could prove too tight for many organisations. Those who don’t comply face huge fines of either 4% of annual turnover or up to €20m – whichever is greater.
Although seemingly impossible, there are means and methods that can help you navigate the GDPR regulations and ensure compliance. To find out how you can achieve compliance on time and within budget, read our report here