GDPR: It’s not all about the riskBy Guus van Es,
Most of the talk around the impending GDPR focuses on the penalties. But that’s not the entire story…
Just around the corner
Let’s begin by making sure we’re all on the same page, and know what GDPR actually is. In a nutshell, it’s new EU regulation that sets rules for how organisations collect and manage people’s information. The basic premise is to give individuals more control over their private data and to make sure that companies have the technology they need to protect that data. It’s set to come into force on 25 May 2018 — and it has many people very worried.
Why are people concerned? For three reasons. Because the deadline is imminent. Because preparing for GDPR often means a huge overhaul of cyber security, network and processes. And because failure to comply can result in a fine of up to four per cent of a company’s turnover or €20 million — whichever is higher.
Understandably, it’s this sense of pressure that’s dominated the conversation surrounding GDPR. For me, that’s a shame. Because this new regulation offers more than just an opportunity to get fined — it also offers companies a chance to improve, to invest and to grow. So let’s talk about why.
The opportunity in GDPR
I predict that GDPR will be a turning point for many companies — a chance for them to transform their cyber security and data management for the better. It gives organisations a mandate to create a coherent IT architecture, with regulation-ready security at its heart. In doing this, an organisation can become more efficient, give better customer service, and — in the long term — cut costs.
This is made easier thanks to the cloud, which allows organisations to accelerate their transformation with a technology that already has high security standards.
One obstacle that many will face, however, is that while GDPR is relatively clear and specific about legal aspects, penalties and citizens’ rights, its language around cyber security is often esoteric and impenetrable.
To overcome this — and take advantage of the opportunity — companies need cyber security experts, both to translate what GDPR means for the company, and to make sure that those changes are made.
What you need to do next
The opportunity in GDPR is very real. But so are the risks. Keep in mind that the clock is ticking and, if you haven’t started already, then now really is the time to start your preparations. After all, there are only seven months to go until GDPR becomes a reality.
Download our white paper for more information on the GDPR — and to find out why greater data security creates opportunities for your organisation.