With the European Union’s General Data Protection Regulation (GDPR) coming into effect in less than 50 days, chances are you know your business needs to rapidly transform how it manages the personal information and data of EU subjects.
According to research conducted by Vanson Bourne and IBM, 47 percent of organisational leaders surveyed in the UK, France and Germany indicated there is a lot more to be done to comply with GDPR before May 2018. But what is the best approach to take with such a short deadline for compliance?
A potential fine of up to 20 million Euros or 4 percent of global revenue (whichever is greater) for a GDPR breach is galvanising action, but many are still coming to grips with the journey towards GDPR readiness. Having a roadmap and a strong commitment to data responsibility can assist with a safe arrival.
Let’s start with the current challenge: knowing what is required of your company to avoid the potential financial and reputational damage of a breach.
Across the 28 EU states, you now must know what personal data you have, where it is stored and how it is processed, as well as how it’s secured and protected. Customer data must also be accessible if your customers want to take back or have you delete their data. You can start addressing concerns around data security and personal data protection by leveraging cloud, where enterprises can manage, connect and optimise their data in security-rich environments.
This raises the next challenge: once you know what’s required of your business, how will you execute?
I’ve worked with a wide range of clients in various stages of GDPR readiness leveraging IBM expertise across cloud, analytics, security and services. While some are still planning and strategizing how to meet GDPR requirements, others have undergone the transformation and are set to capitalize on the enhanced business value.
Regardless of where you are in your GDPR planning, you can implement a strategic approach to GDPR readiness incorporating the cloud as a component to success. What’s more, this approach to GDPR offers data protection and peace of mind.
If you’re just starting the journey, evaluating a hybrid cloud model is a good place to begin. With a hybrid environment, you can create a private cloud for your sensitive data, a public cloud for scaling, and hybrid capabilities to connect and unify all clouds, all services, and all of your data.
Once you’ve mastered transparency and control, the final challenge is how you clearly articulate ownership of data.
Those in highly regulated industries such as government and financial services need control over where data is located to address performance, security, and privacy requirements.
Onward to GDPR: The catalyst for responsible data stewardship
Within 50 days, companies must have the people, policies, and solutions in place to comply with GDPR. To reduce risk, organisations should choose the solutions that enable them to address multiple requirements easily and efficiently. Instead of stressing over the fear of non-compliance, look to the cloud as a key component in your path forward for GDPR-readiness, security and an opportunity to embrace responsible data practices leading into the future.
By Faiyaz Shahpurwala, General Manager, IBM Cloud
The inaugural Data Protection World Forum (DPWF) was held on November 20th & 21st 2018 at the ExCeL London and welcomed over 3,000 delegates seeking the very latest insight on data protection and privacy.
Pre-registration for DPWF 2019 will be opening in the coming weeks.