GDPR Compliance? What Are 92 Percent of You Waiting For?
The General Data Protection Regulation (GDPR) has finally made some organizations sit up and take notice. Obviously, not enough though. According to PwC, 92 percent of US-based companies consider GDPR compliance a top data protection priority, yet only 6 percent are compliance ready. Not good odds, if come May 25 GDPR auditing and fines start for US companies left and right. I wonder how many organizations just don’t think it will happen to them.
If you haven’t started, I guess it’s never too late. According to consultants, the first step is your data mapping. From this exercise you finally find out what data you have, where it is stored, and with whom you share it. This should be eye-opening for many. It’s referred to as accountability.
High time, I say. This is an excellent juncture to get rid of data you are collecting that you really don’t need. Indefinite or uncontrolled retention of structured and unstructured data is a common source of privacy mishaps. If you don’t need it for legal or legitimate business purposes, remove it, delete it, shred it. Get the point?
How will you know whether you have found all instances of privacy data? What about those pesky end users who run out the door at 5pm every Friday? Not to imply they are careless, as I usually stick up for end users, but it has been known for information to be stored in some pretty strange places, and then forgotten about.
Dilemma of sorts now isn’t it? What if auditors could find it? You would be sunk. Not to worry, our conceptClassifier platform can help. You can index all your repositories to find any personal or sensitive data – unstructured, semi-structured, or structured. Is the risk worth it? What does 4 percent of your revenue amount to? What would a data breach cost you?
To get to grips with GDPR, access our Enough Talk – Solving GDPR Problems Through Metadata-Driven Compliance recording. This webinar explains not only the ramifications of GDPR but also how to address the compliance issues. It examines the tactical aspects of the solution, little-known stumbling blocks, and different tools that automate changes and provide an audit trail for compliance.