GDPR Readiness

Deadline: May 25th 2018

The EU's General Data Protection Regulation (GDPR) rules will become law from 25th May 2018, following the publication of the document's final draft.

Why the GDPR 2018 Deadline is a red herring

On 14th April 2016 the European Parliament approved the General Data Protection Regulation (GDPR) text. For many organisations that are already on the path to ensuring adherence to the new ruling, this announcement will not be a cause for concern. However, for those that are behind schedule, or have yet to begin preparations, I suggest sounding the alarm.

The aim of the GDPR is to support consumer rights and at the same time provide clarity for businesses, by establishing a single law across the EU.

What worries me is that there is a misunderstanding in the industry that, just because the GDPR does not become enforceable until July 2018, organisations are safe from being penalised between now and then. This is not the case, even if there is a Brexit! Organisations need to be aware that if a significant number of complaints are lodged, then a company is likely to find itself on the receiving end of a substantial fine from the Information Commissioner’s Office (ICO), and in the firing line from the national media, bringing with it further reputational damage.

The truth is, all the 2018 date really means is that a company could be singled out if it fails to comply, even if it has not received any complaints. But let’s be realistic: are companies really going to be flagged for investigation if they have not been complained about? The 2018 enforcement date is a misnomer, and organisations dragging their heels need to pick up the pace and focus.

The GDPR warrants close inspection but some of the key questions you need to ask yourself are…

  • Do you have the appropriate consent for each data subject?
  • Do you have an adequate retention policy?
  • Are your suppression processes timely and robust?

It is important to note that brands and agencies alike must take responsibility for conducting their own adequate due diligence.

My advice to all that will be impacted by the GDPR (and that is every EU organisation with customers!) is to focus on the here and now. Don’t think of it as a two-year grace period (it isn’t); get compliant as soon as possible.
