The pending General Data Protection Regulation (GDPR) is set to have a dramatic impact on businesses across Europe. Meeting its tough new mandates will put huge pressures on businesses to capture, integrate, certify, protect and monitor all of their data seamlessly and efficiently.
They will need to track and trace how potentially sensitive data is managed and used across the whole information supply chain , not only their CRM, HR system or their Hadoop data lakes; deliver “pseudonymisation”: the separation of data from direct identifiers so that linkage to an identity is not possible alongside data portability, which allows individuals to obtain their own personal data.
However, with the volume, variety and velocity of data passing through businesses growing exponentially, together with the proliferation of new cloud applications that might be adopted by lines of businesses without IT involvement, it’s increasingly difficult for hard-pressed IT departments to take total ownership on the protection of personal data without engaging their counterparts in HR, Sales, Marketing and other customer-centric organisations.
So what’s the solution? This article contends that to ensure proper data protection, businesses need to establish a collaborative approach for delegating accountability and responsibilities. Based on a data-centric shared platform, IT needs to turn everyone in the company who has to deal with sensitive customer or employee data into an agent for better data protection.
However, this decentralised approach for data management also requires controls, rules, monitoring and governance. Otherwise, it will fail. For most companies that must manage personal data related to European data citizens, GDPR mandates the appointment of a Data Protection Officer, whose role is to inform, educate and advise internally on the obligations pursuant to the regulation, assign responsibilities, monitor compliance, and cooperate with the supervisory authority.
While GDPR might appear as a constraint, compliance with which enables organisations to stay in business, and to avoid fines and reputational damage, it could just as well be considered an opportunity to drive customer-centricity and trust. This article argues that to achieve this data-centric approach and to meet all of the new regulatory challenges that GDPR compliance brings, businesses above all need to adopt an approach based on seamless collaboration and data integration.
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Meta’s fine over data privacy breaches underscores the critical challenges…
Hi, Thanks, that is really useful information. I do have…
“This is a very worrying attack that hit T-Mobile and…
“This latest cyberattack against T-Mobile may be smaller than previous…
“Genesis Market is a complex global criminal access marketplace. Buyers…