Daren Glenister

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform

Multinational businesses who aren’t up to speed on the regulatory requirements of the European Union’s General Data Protection Regulation (GDPR) are in for a rude awakening when 2018 rolls around.

It’s not enough for businesses to simply adopt cloud migration the way consumers do.

Companies face an extra set of rules when dealing with the lifecycle of sensitive data. Business leaders believe the GDPR will put U.S. companies at a disadvantage, and 50% of companies believe they are going to be fined for failing to comply with GDPR, due to its complexity.

In the interest of individuals, companies will need to offer easier access to their own data, the right to data portability through transferring personal data between service providers and the right to be notified of a data breach involving the individual's personal information.

Is your vendor asking, ‘please come audit us?’

To help prepare for 2018, companies need to reevaluate cloud strategies and data governance in addition to developing a privacy impact assessment when considering a new vendor or creating a new product. It’s important for companies to view and treat their vendors as an extension of their own organization as they continue to move data into the cloud.

Performing both an online and in-person evaluation can also help determine whether the current privacy control settings and policies meet expectations. Scrutinizing vendor readiness will play a major role in compliance as companies will be at fault for their inability to comply.

Global Data Privacy Reform

Some questions to consider are:

  • Why did I choose this vendor?
  • What risk will this bring me?
  • Do they have proper policies and governance structures in place?
  • Are their employees being trained on data privacy?

Vendors should be ready to roll out the welcome mat to customers or prospects at any time and have an open-door policy. They should also be able to provide proof that they can pass regulatory audits.

The importance of a CPO in the C-Suite

The rewards of hiring a Chief Privacy Officer (CPO) are endless when it comes to data privacy regulations and compliance. Not only will they keep IT departments in line and up to speed with global data privacy mandates, but they will also be on top of sharing which questions businesses should be asking cloud vendors. Appointing an expert in data privacy will save your company from non-compliance fines in all of the regions where you do business.

Although the rate at which data is revolutionizing companies defies the speed of light, it also poses more privacy risks extending beyond the IT team’s scope of work and knowledge. That’s where a CPO comes into play. As the data privacy landscape drastically changes, so will the organization’s team.

Companies will need dedicated resources to not only keep up, but help meet ongoing regulations, such as GDPR. In fact, part of the GDPR regulations require certain companies conducting business in Europe to have a CPO, so getting a jump start on hiring for this professional is better than playing catch up.

It’s always a good idea to have a successful security strategy in place in the event of a data breach, but whose job is it to implement, execute, and ensure customer data stays safe and secure? CPOs can work closely with IT to help drive strategies and tactics to keep personally identifiable information (PII) protected, in addition to keeping the rest of the C-suite up to speed.

Are you ready?

It’s critical for companies to understand the consequences and roadmap before regulations go into effect as remediation could cost more than just time, as the fines for data breaches are set to be around 4% of global revenue.

Rather than putting aside budget to pay the expected fines for noncompliance, businesses should invest in preparing their people, processes and systems to meet the regulatory guidelines the same way security vendors need to keep customers compliant.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website
5 Predictions for Data in the Cloud and Cloud Platforms

5 Predictions for Data in the Cloud and Cloud Platforms

5 Predictions for Data in the Cloud 2017 has proven to be a big year for migrating data to the ...
Insight PaaS – Necessary or Just Hype?

Insight PaaS – Necessary or Just Hype?

Insight PaaS: A Primer A recent report from Forrester predicts that Platform as a Service (PaaS) will soon be the ...
Using Cloud Analytics To Improve Customer Experience

Using Cloud Analytics To Improve Customer Experience

Evolution of Cloud Analytics Moving data to the cloud, once considered a strenuous task, has now become commonplace in most ...
10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

10 Ways The Enterprise Can Prevent Data Leaks In The Cloud

Prevent Data Leaks In The Cloud More companies are turning to the cloud for storage. In fact, over 60 percent ...
International Data Privacy Laws: Consistently Inconsistent

International Data Privacy Laws: Consistently Inconsistent

International Data Privacy Laws Many multinational enterprises are faced with a plethora of restrictions and regulations both in their home ...
Turn to the Cloud as Part of Your Data Breach Strategy

Turn to the Cloud as Part of Your Data Breach Strategy

Data Breach Strategy The latest Verizon Data Breach Investigations Report is out, and the verdict is in: data breaches are ...
Countdown to GDPR: Preparing for Global Data Privacy Reform

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European ...
The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

WikiLeaks’ Vault 7 If you haven’t heard of the Vault 7 WikiLeaks data dump, you’ve probably been living under a ...
RSA Conference: FUD-free or filled?

RSA Conference: FUD-free or filled?

IoT 15 Billion Units By 2021 At the annual RSA conference, there were plenty of discussions and presentations on the ...
Safeguarding Data When Employees Leave The Company

Safeguarding Data When Employees Leave The Company

Safeguarding Data Employee turnover is unavoidable. According to CompData Consulting, the average employee turnover rate in 2015 in the US ...