Stop or Full Speed Ahead – GDPR Again
The other day, someone said to me that General Data Protection Regulation (GDPR) was over. He felt that the ‘pitiful’ fines applied by inspectors weren’t going to encourage anyone to become compliant. In a way, he’s right. There are many companies that would prefer to just pay the fine and move on. Applying fines gets rather complicated.
According to a Decipher article, ‘The True Test of GDPR is Still Coming‘, “The big question for GDPR isn’t just what kind of fines – or enforcement – that will be set. It’s also how the different countries will handle the complaints. The way the law is currently set up, the complaints are filed to the individual country’s national data protection authority and it is up to the laws of each country on how strict it will be in enforcing GDPR. There isn’t a pan-European entity to handle the regulation or to coordinate enforcement actions across borders. Some countries are just beginning to pass their data protection laws that match GDPR requirements. There may be no consistency in what kind of penalties or enforcement actions will be set.”
What I don’t get is that I also read an article that stated 43 percent of European Union (EU) companies had a data breach. Really now? If they had fixed up their low-hanging fruit, they would avoid data breaches, potentially now and forever. So add another element of cost here. We can remove the cost of a data breach, if the data is fixed. We can remove GDPR fines, if the data is fixed.
What are we looking at? Eliminate Cost of Data Breaches + Eliminate GDPR Fines. Voila, it appears this is our best option. I realize budgets and staff play a huge part in getting your house in order, but there can also be substantial benefits. The recurring problem I see is a lack of due diligence. I have yet to read many articles about how an organization was concerned about privacy violations at the victim level. How often do you see the word ‘victim’ used in this context?
There you have it. This is a walk in the park for us. I have a painless option for you that will address these issues, in the form of the conceptClassifier platform. One shared attribute of all the different security scenarios is getting down to the nitty-gritty – what is in the content that must be protected.
We call this content in context. Rather than create expressions until you start thinking of nothing else, you can use a tool, such as ours, that will proactively find, secure, remediate, and notify – all in real time, mind you – any combination of words, phrases, concepts, subjects, or topics in a simple rule-building tool, designed for business professionals.
If you clean up your data garbage – file stores of redundant, outdated, or trivial (ROT) information, which includes multiple revisions, multiple copies, old information that’s never accessed – then you are on your way to a lean, mean, fighting, data machine. You can’t imagine the difference.
Try it. You will be glad you did. Get over this stumbling block and finally put GDPR to bed. You can read how one of our clients addressed data breaches.