David McManus / February 19th 2019

GDPR… 9 months on

For many years, the standard method of data collection for organisations has been…

‘How much data can we trick people into giving us?’.

This attitude changed dramatically with the introduction of the General Data Protection Regulation (GDPR). GDPR was introduced to protect individuals data on the internet.

‘Under GDPR, personal data is considered as any information relating to an identifiable person, including; names, ID numbers, locations, ethnicity or any political standings’.

Since its commencement on May 25, 2018, it has taken until February 2019 for the first major GDPR infringement case to be handed out. Tech giants Google were fined €50 million for…

  • A lack of transparency and information regarding the processing operations carried out.
  • A lack of legal basis for the processing of personal data for advertising basis.

It looks like Google isn’t the only company falling short of GDPR laws. Research from Talend, based on personal data requests made to 23 companies – based or operating in the UK across multiple industries – shows that 74% of UK organisations failed to address requests from individuals seeking to obtain a copy of their personal data within the one-month time limit required by GDPR.

 

Why should companies be complying?

 

The new regulation has increased transparency and requires companies to review their data handling and processing procedures – which is good for everyone, both as a consumer and a business. The security practices that come with a strict GDPR policy will bolster a brand’s reputation, as it showcases to consumers that your organisation has a robust data governance system in place.

Further benefits of proper GDPR use include…

  • Better data security – 68% of large firms in the UK have encountered a
    cyber-attack. Owning a GDPR-compliant framework extends your cyber security practices by allowing only a few professions access to critical data in the organisation.
  • Reduced maintenance costs – Good GDPR practice can help your organisation cut costs by prompting the retirement of any data inventory software and legacy applications that are no longer relevant to the business.
  • Better alignment with evolving technology – A large portion of companies have moved to third-party management tools, which allows organisations to easily check the integrity of files and folders in their network. This is due to most tools sending out an alert notification whenever an anomaly is detected, there is time to minimise, or avert any compromise.
  • Improved decision-making – By using customer information effectively, an organisation can make better, more researched, decisions and consequently get a better return on investments.
‘Organisations can achieve success with GDPR when they begin to view the law as not just a regulatory obligation, but instead a means for achieving business and technology coalition’.

As data is the new gold in today’s digitally focused economy, organisations must consider a comprehensive approach, aligning their information and data management policies with regulatory frameworks.

Easy, right?