European Union claims the General Data Protection Regulation (GDPR) as the most significant rule on data privacy implemented in 20 years. Companies must secure personal information under this mandate. Service providers and information security agents should be aware of the rules and regulations. However, IT leaders must understand how GDPR changes the IT and business landscape. In this article at the Enterprisers Project, Stephanie Overby briefs about the 8 key facts that leaders should be aware of.
8 Key GDPR Facts
Leaders must know all the factors that can impact operations. When GDPR comes into effect on May 25, unprepared organizations might face non-compliance charges. Following are the basic facts you should get right by now.
1. The Strictest Privacy Law Ever
Habitu8 co-founder Jason Hoenich remarks that CIOs should know how their companies gather, stock, and transfer data as they are going to be held responsible for data breaches. GDPR is a cluster of current EU data laws that could levy a penalty of €20 million or 4 percent of global annual revenue, whichever is greater, for non-compliance.
2. Applicable to Almost All Organizations
If your company supplies goods, offers services, or does business online, you must follow GDPR. The advocates at Jackson Lewis opine in a report that the law applies even if you are tracking and gathering data about EU residents’ online behavior.
3. Interdepartmental Collaboration
Everest Group managing partner Eric Simonson says that you must collaborate intimately with cross-functional teams if your company actively collects, stores, and uses personal information. Assign a Data Protection Officer (DPO) for better compliance management.
4. Improvement in Data Quality and Processes
As per Gartner, bad data quality can cost a company $9.7 million per annum. Article 32 demands a more organized and standard plan. You have to monitor the overall processes by default and experience enhanced functionalities and decision-making abilities, assures BDO USA national information governance practice leader Karen Schuler.
5. Cost-Saving Minimalist Approach
BDO’s “The Intrinsic Value of Ensuring Data Privacy” report projects that GDPR limits your freedom to collect, store, and use data. This will force you to retain only quality information and ultimately reduce infrastructure and operational costs. There will be a rise in lean data management rather than big data, as per Schuler.
6. Vendor Management
As data controllers are going to shoulder compliance responsibilities, international law firm White & Case insists on clearly defining the roles. You should know what sort of proprietary data is accessible to your vendors, the data processors, and include GDPR terms in their contracts, as per Schuler.
7. Transparent and Prompt Services
In case of any data breach, you must notify the victims within 72 hours. Hoenich notes that EU residents can also make the companies delete old or expired data.
8. Privacy-by-Design and Privacy-by-Default
Schuler remarks that you will start developing products or services keeping privacy in mind. Organizations will revamp security and standard practices to enable privacy by default.
To view the original article, visit the following link: https://enterprisersproject.com/article/2018/4/what-gdpr-8-things-leaders-should-know