Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform

Multinational businesses who aren’t up to speed on the regulatory requirements of the European Union’s General Data Protection Regulation (GDPR) are in for a rude awakening when 2018 rolls around.

It’s not enough for businesses to simply adopt cloud migration the way consumers do.

Companies face an extra set of rules when dealing with the lifecycle of sensitive data. Business leaders believe the GDPR will put U.S. companies at a disadvantage, and 50% of companies believe they are going to be fined for failing to comply with GDPR, due to its complexity.

In the interest of individuals, companies will need to offer easier access to their own data, the right to data portability through transferring personal data between Service Providers and the right to be notified of a data breach involving the individual’s personal information.

Is your vendor asking, ‘please come audit us?’

To help prepare for 2018, companies need to reevaluate cloud strategies and data governance in addition to developing a privacy impact assessment when considering a new vendor or creating a new product. It’s important for companies to view and treat their vendors as an extension of their own organization as they continue to move data into the cloud.

Performing both an online and in-person evaluation can also help determine whether the current privacy control settings and policies meet expectations. Scrutinizing vendor readiness will play a major role in compliance as companies will be at fault for their inability to comply.

Global Data Privacy Reform

Some questions to consider are:

  • Why did I choose this vendor?
  • What risk will this bring me?
  • Do they have proper policies and governance structures in place?
  • Are their employees being trained on data privacy?

Vendors should be ready to roll out the welcome mat to customers or prospects at any time and have an open-door policy. They should also be able to provide proof that they can pass regulatory audits.

The importance of a CPO in the C-Suite

The rewards of hiring a Chief Privacy Officer (CPO) are endless when it comes to data privacy regulations and compliance. Not only will they keep IT departments in line and up to speed with global data privacy mandates, but they will also be on top of sharing which questions businesses should be asking cloud vendors. Appointing an expert in data privacy will save your company from non-compliance fines in all of the regions where you do business.

Although the rate at which data is revolutionizing companies defies the speed of light, it also poses more privacy risks extending beyond the IT team’s scope of work and knowledge. That’s where a CPO comes into play. As the data privacy landscape drastically changes, so will the organization’s team.

Companies will need dedicated resources to not only keep up, but help meet ongoing regulations, such as GDPR. In fact, part of the GDPR regulations require certain companies conducting business in Europe to have a CPO, so getting a jump start on hiring for this professional is better than playing catch up.

It’s always a good idea to have a successful security strategy in place in the event of a data breach, but whose job is it to implement, execute, and ensure customer data stays safe and secure? CPOs can work closely with IT to help drive strategies and tactics to keep personally identifiable information (PII) protected, in addition to keeping the rest of the C-suite up to speed.

Are you ready?

It’s critical for companies to understand the consequences and roadmap before regulations go into effect as remediation could cost more than just time, as the fines for data breaches are set to be around 4% of global revenue.

Rather than putting aside budget to pay the expected fines for noncompliance, businesses should invest in preparing their people, processes and systems to meet the regulatory guidelines the same way security vendors need to keep customers compliant.

By Daren Glenister

David Fletcher Blown Image
Twitbook.png
Viral Infection Wearabletech
Cloud For Dummies.png
Suraj Kumar Singh
Make Smarter Business Decisions Updated: 08,18,2022 Launching a new start-up? You’ll need to invest in costly software packages, in-house servers, off-site back-ups and more. Right? Wrong. Thanks to the cloud, entrepreneurs are spoiled for choice ...
Drew Firment
Here’s How to Make Sure Your Skills are Cloud Ready This year will be a period of meteoric growth for the cloud industry. Research from Gartner suggests that global spending on public cloud services in ...
Jen Klostermann
The Fintech Landscape The Nitty Gritty Although the COVID-19 pandemic has highlighted its existence, most of us have been using fintech in some form or another for quite some time. It’s a big part of ...
Louis
Manufacturers’ Top Demands For Quality Software Competing on product quality has never been more urgent as rising raw material and component costs continue to squeeze manufacturers’ margins. At the same time, unpredictable supply chains make ...
Shireesh Thota
Here’s How to Position Your Organization for the Era of Data Intensity We live in a data-intensive era. Data is booming. Companies are realizing that data is one of the most important assets and they ...
  • Plural Site

    Pluralsite

    Pluralsight provides online courses on popular programming languages and developer tools. Other courses cover fields such as IT security best practices, server infrastructure, and virtualization.

  • Isc2

    ISC2

    (ISC)² provides IT training, certifications, and exams that run online, on your premises, or in classrooms. Self-study resources are available. You can also train groups of 10 or more of your employees. If you want a job in cybersecurity, this is the route to take.

  • App Academy

    App Academy

    Immersive software engineering programs. No experience required. Pay $0 until you're hired. Join an online info session to learn more

  • Cybrary

    Cybrary

    CYBRARY Open source Cyber Security learning. Free for everyone, forever. The world's largest cyber security community. Cybrary provides free IT training and paid IT certificates. Courses for beginners, intermediates, and advanced users are available.