With only a matter of months to go until the deadline for GDPR, companies of all sizes are having to rapidly come to terms with what they need to do in order to comply to the new regulations.
Although some organisations will have ensured they are ready for the new rules through careful preparation and compliance, others may find themselves in for an unwelcome surprise, and possibly even a nasty fine, in the weeks following May 25th, 2018.
DataIQ has become one of the country’s leading authorities on data protection and GDPR readiness, and at the company’s recent DataIQ Future event in London, CEO Adrian Gregory told ITProPortal that the new regulations could be a great opportunity for businesses to ensure they are working at full potential.
"GDPR will drive huge investment in new technology, in sorting our data, putting better processes in place, and ensuring that there are no data breaches, which will drive business value,” he said.
“The whole premise of GDPR is around putting customers trust in your ownership of their data - if the customer sees that their data is being protected, that will build trust and encourage them to share their data much more actively."
Gregory noted that UK businesses will particularly benefit from the changes GDPR brings, noting that, "a lot of people still aren't comfortable with (GDPR), but those that are, appreciate what impact (it will have).”
“On the one hand, you have concerns about big fines, but you're also seeing companies like Equifax and TalkTalk that have had a breach, and suffered major brand damage and financial loss."
“GDPR creates the need, or the must, for companies to invest and do things they should have done many years ago.”
Post-May 2018, companies that are not up to date with GDPR may face large fines if found to not be compliant to the regulations, however Gregory doesn’t think that this scenario will emerge immediately, with compliance often taking time.
"I don't think it will be a Y2K moment, that it will pass and everyone will forget about it - there will be lots of people that aren't ready,..and companies will be caught out, because there are always data breaches,” he says.
“If (companies) can't demonstrate that they are up to speed, they will be in trouble. GDPR will be a fact and feature for years to come - but some of the companies we work with still aren't meeting the Data Protection Regulation from 1998."
Ultimately, it seems that for any businesses not currently on track to be compliant with GDPR, the race may truly be on. Data is becoming the most important resource for many companies around today - so important, in fact, that DataIQ likes to say that, “data is the new oil”.
However Gregory notes that data can also be something else, quipping that it can be ‘the oil and the asbestos’. “Like any asset, (data) can be a big liability,” he says, “we see big challenges around cybercrime, and the ever-increasing number of data breaches, that show you have to take massive care with your data."
"Data is quite a new profession, and unlike finance, or IT, or procurement, there's no real support…(but) unless it is taken seriously by a company, and put at the heart of what they're doing, there will be issues - which could even bring down the company."