How Many Organisations View GDPR
I recently posted on Linked In stating the most common response I receive from companies when asked how they are preparing for GDPR is, "all data we buy is compliant, so I'm sure we'll be fine. This posting has now had just under 10,000 views - not much for some users of this platform, but for me, it shows that this response is typical, or for some who have viewed, it's a shared opinion - they are 'fine'.
I'm sure there will come a time at some point this year (I hope), when industry will realise just what a juggernaut GDPR actually is - and precisely what is needed from organisations to prepare themselves for the D-Day of 25th May, 2018 when it becomes legally enforceable.
Due diligence on the purchase of third party data is a major focus of GDPR, but a review of any personal data held in-house - client, supplier, personnel, etc - the origins of it and hosting / transfer arrangements, along with any documentation relating to it, is equally important. For many organisations, this is the most time-consuming element - as you also have a business to run!
While much official guidance is yet to be published by the ICO (consent, profiling/processing, et al), they have produced documentation summarising the areas of any business that will need to be reviewed ahead of any changes being implemented. It is this documentation that should be the focus of discussion at Board level to ensure that the appropriate funds are made available during 2017/18 for what could be a relatively expensive process - but substantially less damaging to the business than the potential fines and bad press you will receive if found not to be compliant in 13 months' time.
My one piece of advice to any business who thinks they are already 'ok' or it's not something to worry about now, is to pick up the phone - speak to someone in a position to advise you. Have a top-level conversation and make a more informed decision off the back of that - now is the best time.
Andy Chesterman, Data & Compliance Director DAMM Solutions. andyc@dammsolutions.co.uk www.dammsolutions.co.uk