The General Data Protection Regulation (GDPR) is certainly leaving its mark on the data protection field by being the first legislation of its kind to tackle present-day dangers to data security and companies’ accountability to their customers in the face of these threats.
Many companies are struggling to put in place the infrastructure needed to respond to incidents and data requests as laid out in the GDPR, while entrepreneurs are profiting by building tools that enable companies to more easily manager visitor and customer consent.
Non-compliant companies are hoping that they will never incur the wrath of their customers and data protection agencies, but with data breaches continuing regardless, through the ingenuity of perpetrators or the neglect of employees and customers (who have the right the request their data at any time), it won’t be long before they find themselves on the wrong side of the GDPR unless they take action and grab the opportunity this legislation offers them.
Research undertaken by the Information Commissioner’s Office (ICO) shows the state of 600 UK-based companies 100 days plus after GDPR was implemented:
• Only 20% of the companies believe themselves to be GDPR compliant.
• Although 53% say they are in the implementation phase.
• Alarmingly, 27% have not yet started.
• Looking in a more positive direction, 74% of respondents expected to be compliant by the end of 2018.
Improved data protection compliance should encourage innovation and continuous improvement. It should not be perceived as a cost overhead but more as an investment in your people, business and future security.
The key to a stable, secure work environment is continued personal development through training, education and awareness. Date protection should be the driver to do things better in 2019.