general data protection regulation countries: gdpr 90 days on
GDPR: 90 Days On
General Data Protection Regulation Countries: For upon |GDPR has been one of the most talked-about developments this year – now that the May deadline has come and gone, the big questions remain on what impact it’s actually had for organizations to date.
So the 25th of May 2018 has come and gone – a day long anticipated by all organizations that touch data in any way shape or form, but what impact has the new legislation had to date?
As we are all too well aware, embracing GDPR has been a costly exercise; with companies spending considerable amounts of time training staff, reviewing contracts, migrating and cleansing data, defining processes and in some cases appointing new suppliers and hardware solutions. Acxiom estimated the costs of becoming GDPR compliant at over £800 million for companies FTSE 100 and Fortune 500 companies alone. General Data Protection Regulation Countries.
GDPR Meaning
Related Posts
So has it had a positive impact? GDPR has at its heart the ethical and transparent use of personal data, and to that end, it has achieved its goals. Anecdotally, organizations are generally in much better shape to act as responsible custodians of their customers’ data. Many have implemented tighter controls on their data in anticipation of a flood of Right to Be Forgotten and Subject Access Requests; in a bid to make what could otherwise be a time-consuming and costly discovery process as streamlined and auditable as possible. General Data Protection Regulation Countries.
From a regulatory standpoint, the ICO in the UK reportedly received 1,124 complaints of non-compliance within the first month of the new legislation coming in (1), including some of the first high-profile complaints against Facebook and Google by pro-privacy lobbyists (2). Whilst it remains to be seen how many of these complaints are upheld, what is clear is that data subjects are exercising the powers available to them under the act. The number of incidents of non-compliance would be expected to fall and stabilize over time as this first wave of complaints is dealt with, and early loopholes and subjective interpretations in the application of the regulation are closed. General Data Protection Regulation Countries.
GDPR Is
However, it seems there is still much to be done by both the regulators and companies that are obliged to adhere to the letter of the act. And whilst new product and service launches are the most likely events to expose organizations that have so far escaped escalation of their practices to the ICO; the ongoing concern will be to continue to embrace data protection by design and default to mitigate against these risks; as well as timely and comprehensive fulfillment of customer requests in regard to how their data is used and made accessible to them. General Data Protection Regulation Countries.
My plea is for organizations not to forget their GDPR obligations now that the initial wave of enthusiasm has passed as this is just the beginning of the GDPR journey.
The article was originally published here.
Comments are closed.