GDPR: Denial, Anger, Bargaining, and Depression – Take Your Pick
You know, I think many data managers are acting like little kids, and believe that the General Data Protection Regulation (GDPR) was put in place to punish them. It is what it is.
According to surveys, the majority of companies have not yet started addressing the compliance requirements. What are they waiting for? Maybe they should follow the old saying, “Turn that frown upside down.” Ok, I won’t say anything else like that.
It is an opportunity to clean up your data, provide accurate input to analytics, enable security to protect individual information, and increase sales through targeted marketing. I am sure there are many more benefits.
If you do business in the EU, you will need to comply. I read a very good article by David M. Raab, about how to get started with GDPR compliance. This article offers food for thought. Mr. Raab suggests the following:
- “Put someone in charge.” This will be your data protection officer, and may mean a new hire. Hey, with the number of breaches, just bite the bullet as you probably need one anyway.
- “Check your procedures.” Wow, this will probably take a whole person. The procedures have to do with handling customer data, not your usual procedures, such as how to process an order.
- “Meet technical requirements.” This includes responding to customer complaints within 30 days. Which implies that customers are sitting in nowhere land for 30 days? And reporting breaches within 72 hours. This one is curious, as most US companies don’t even tell us our information has been compromised until caught. Probably half of them don’t even know they’ve had a breach, or so they say.
- “Define a governance structure.” This means the nightmare will never end. Sorry folks, it’s not a one-shot deal.
That’s a lot. Mr. Raab has kindly documented access to additional information at the end of the article. So, what do you think? What attitude does your organization have – “Wait until we get caught,” or “Why didn’t we think of this before?” I’d put my money on you’re thinking “Wait until we get caught.”
Join us for our Enough Talk – Solving GDPR Problems Through Metadata-Driven Compliance webinar, on Wednesday, March 14. This session explains not only the ramifications of General Data Protection Regulation (GDPR) but also how to address the compliance issues. It examines the tactical aspects of the solution, little-known stumbling blocks, and different tools that automate changes and provide an audit trail for compliance.