At the CGOC event in London earlier this month, the fast approaching General Data Protection Regulations (GDPR) was of dominant interest for attendees. No matter the session topic, whether blockchain, M&A or eDiscovery, GDPR would inevitably percolate back in to the discussion.
In the US, Information Governance practitioners are aware of the importance of the GDPR and know they should start familiarizing themselves with some of its more onerous requirements. However, similar to the student who through circumstance finds himself with only one hour to complete a three hour final exam, European practitioners are in a rising state of consternation. There is much to do in a very short amount of time and organizations are “scrambling”. One of the new developments and a promising first step we noticed was the increased presence of data privacy officers. They are in the unenviable position of converting the relatively broad principles in the regulation into the actionable tasks needed to make their organization compliant by May 2018, if not before.
New Data Privacy Officers find the paradox created by the intersection of security and the need for privacy rights the hardest to navigate. Even though it is slowly changing, currently in the US and most other countries, security will be paramount. EU organizations must tread a finer line or risk unprecedented fines.
Most organizations we spoke to revealed that they were still in the process of creating their Privacy Program Governance and a small minority had just started the assessment phase of the Privacy Operational Life Cycle. In either case, there is still much to get done and with the recent downsizing efforts of many large entities, privacy professionals felt squeezed of the tools and resources they need to accomplish their goals.
The CGOC has long touted the benefits of good data & information governance and many forward thinking organizations found the benefits well worth the effort and expenditure. These organizations now find that their proactive work finding, organizing and governing their data will make compliance with the GDPR less burdensome than those, who for various reasons, sat on the fence.
Not a member? Join the community
Already a member? Sign in
Become a CGOC Member and have access to resources, white papers, surveys, proceedings, and practice tools such as the Information Economic Process Assessment Kit. CGOC Members receive first priority to regional CGOC executive meetings around the world.
Asterisks (*) indicate fields required for registration