5 Things You May Not Know About GDPR

With the implementation of GDPR just around the corner, a major cause for concern is the number of organisations who do not know about the regulation and the effects it will have on their business.

This is reflected in a recent survey where 1 in 3 business leaders admitted that they had never heard of GDPR. Forrester have also predicted in their latest report that, come May 25th 2018, up to 80% of firms will not fully comply with GDPR. With this in mind, we have put together 5 things that you may not know about the new regulation and will need to know if you are kicking off a GDPR project.

Pinpointing Data = No Easy Feat!

Identifying the personal data you hold and where it is stored is paramount to ensuring GDPR compliance. 68% of CIOs believe that pinpointing this data is going to pose a real problem due to the complex nature of modern business, with personal data storage and processing being a daily part of working life within most departments.

Consent is Vital

The issue of consent has been under constant debate for quite some time now, raising all kinds of issues for many industries and departments – particularly the field of marketing. Following the introduction of GDPR in May, explicit consent will become a mandatory requirement. Organisations will need to seek ‘specific, informed and unambiguous consent’ from an individual before processing their personal data.

Breaches Demand Response Without Delay

When the new regulation comes into effect, businesses will have just 72 hours to notify their Supervisory Authority of a data breach, as well as affected data subjects, and they must do so without undue delay.

This is a drastic difference compared with the non-existent breach notification requirements under the current data protection directive. To put this challenge into perspective, it can currently take many organisations up to 197 days to discover all of the material facts relating to a data breach.

DPO Demand is Greater Than Ever

Many organisations will now need to appoint a Data Protection Officer (DPO) in order to comply with GDPR. However, there is a real outcry for DPOs as they are in short supply. It is predicted GDPR will require around 28,000 of these specialists around Europe.

Non-Compliant Cloud Apps

If your organisation depends on cloud-based applications to conduct business, you will need to look into the compliance of these platforms with GDPR, as they may pose a risk to your organisation’s compliance status. In July 2016, 98% of cloud-based apps were not GDPR ready.

GDPR poses a great amount of non-compliance risk to many organisations globally who actively target the EU market. If you’re interested in reading more of our blogs on GDPR topics you can find out more here.

Did you find this blog helpful? What are your main causes of concern with the introduction of GDPR?
