The passage is excerpted from an August 3, 2017, article on Info Security Magazine, written by Eckhard Herych, Faculty Member of the Compliance, Governance & Oversight Council (CGOC).
We are now less than a year away from the implementation of the European Commission’s General Data Protection Regulation (GDPR) on May 25, 2018, and the stakes for companies are high.
First, the GDPR “applies to all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location.”
Second, non-compliant organizations can face devastating fines as high as 4% of the annual global turnover or €20 million, whichever is higher.
Third, preparing to meet the requirements of the GDPR cannot be done overnight simply by deploying security software, which, unfortunately, is where too many GDPR response discussions start.
The good news is that companies that begin now can make tremendous progress toward creating a data infrastructure that dramatically reduces the likelihood of GDPR non-compliance and that minimizes the financial impact even if something goes wrong.