GDPR : 365 days and counting...

Just one short year away on May 25th, 2018, the Global Data Protection Regulation (GDPR) is set to come into force. Its arrival, while long anticipated, it still causes for widespread concern how organizations will be able to meet the new criteria it sets. 
I recently had the pleasure to speak at the IDC conference in Stockholm focused on GDPR. While the event does not give a complete picture of what’s happening out there with respect to GDPR compliance, there was a fair representation of executives from different industries as well as product vendors and service providers.
One of the biggest take outs from a poll we collected at the end of that event is the fact that so many companies are still only on a very preliminary part of the journey to GDPR compliance. Feedback suggested that 50% of organizations are still trying to identifying gaps leaving them with less than a year to fix/remediate the gaps. Further to that, going into the details, the poll revealed that personal data discovery and its classification seem to be a major challenge followed by protection and breach management. 
The new EU data protection regime will be nothing less than a masterstroke towards the creation of a new European data economy. With data now being described as the new oil, the creation of a digital single market across 27 countries demands strong compliance for it to work.
If we accept that data is going to change our economy and our behavior, I believe that business should take the cue from European policy-makers as early as possible and adopts the long view how best to work with this new paradigm. Indeed if any company or organization wants to be in the elite list of GDPR compliant organizations, with less than one year to go, there is literally no time to lose!
TCS has taken a pragmatic yet comprehensive approach to solving GDPR puzzle for its clientele. It's personal data lifecycle approach augmented with ready to use security and privacy control framework from its Enterprise Security and Risk Management practice and the IPs from its data privacy research organization makes it easy for organizations to take off their journey. The agile approach to organization and system level assessment makes it easy for organizations to achieve progressive compliance rather than waiting for it forever. 
At an organizational level, case studies with our clients have shown shortfalls in group level privacy policies and the pressing need to address data leakage and identity and access management solutions around data storage. None of these are quick or easy fixes but once solved offer organizations greater insight to their customers and the ability to drive real business value from this knowledge. 
GDPR should not view as a brake on business or a tiresome piece of bureaucracy but rather a superhighway firmly pointed in the direction of a fairer and more efficient data economy. If European companies can embrace that vision in a timely fashion, the rewards will be great. There is still time to act but there is also a sense of urgency too. What is important to remember is that this is a journey, not a destination
Authored By - Vikas Choudhary
TCS Cyber Security


Rate this article: 
No votes yet
Article category: