| |||||||||
| |||||||||
Current Filter: Network>>>>>Opinion> EU Data: in or out? Editorial Type: Opinion Date: 03-2016 Views: 1402 Key Topics: Networking GDPR EU Data Protection Regulation Key Companies: Ipswitch Key Products: Key Industries: | |||
| Alessandro Porro, senior vice president at Ipswitch, comments on the three building blocks to consider when preparing your business for GDPR The EU's General Data Protection Regulation (GDPR) comes into force in 2016. It replaces a hotchpotch of EU-wide data protection laws and will affect any business operating from within the EU that does business with EU organisations or stores data in EU countries. We found in a recent survey that businesses are gearing up to the changes, but slowly. One in five UK businesses still don't know if the changes will apply to them despite confirming that they store and process personal data, and significant investment will be required to process and store the data based on the new standard. Respondents cited encryption technologies, analytics tools, perimeter security, file-sharing and mobile device management as potential future investments. Based on the current timetable for the regulation, businesses will need to be compliant in a little over two years. Some of the changes will be relatively straightforward and businesses should already be compliant in some areas. Gartner analyst, Carsten Casper notes that elements of the regulation are "principles we've seen in the past, carried forward in different words". Other aspects will require C-level buy-in, inter-departmental collaboration, resourcing, budget sign-off and technological investment. Those two years may pass quicker than you think, and there is a compulsion to get started. Some focus will help here.
TECHNOLOGY
TRAINING Training can take many forms. The GDPR will affect any area of a business that handles personal data, so frontline customer service staff, HR and IT are examples of the departments that will need to be trained. For those organisations who haven't allocated budget, or for those who didn't know if money and resources were available (nearly a fifth of respondents), getting the senior leadership team on board urgently is the next step.
LEADERSHIP If learning from the mistakes of others is the carrot then the stick will be the proposed breach penalties. Current estimates expect it to be 1m euros or 2 per cent of global turnover, depending on the seriousness of the breach; this message should propagate to the CFO's office. How a company chooses to prepare for the GDPR will depend on multiple individual factors. The three building blocks of GDPR preparation highlighted here will help organisations to achieve compliance, but there will be variations - for example some will appoint a data protection officer whether the regulation requires it or not, because it is a more effective route to achieve compliance. Whatever you decide, leadership, training and technology will be indispensable to the process. | ||
Like this article? Click here to get the Newsletter and Magazine Free! | |||
Email The Editor! OR Forward Article | Go Top | ||
PREVIOUS | NEXT |