5 Things You May Not Know About GDPR

With the implementation of GDPR just around the corner, a major cause for concern is the number of organisations that do not know about the regulation and the effects it will have on their business.

This is reflected in a recent survey where 1 in 3 business leaders admitted that they had never heard of GDPR. Forrester have also predicted in their latest report that come May 25th 2018 up to 80% of firms will not fully comply with GDPR. With this in mind, we have crafted a blog with 5 things that you may not know about the new regulation but will need to know if you are kicking off a GDPR project.

Pinpointing Data = No Easy Feat!

Identifying the personal data you hold and where it is stored is paramount to ensuring GDPR compliance. 68% of CIOs believe that pinpointing this data is going to pose a real problem due to the complex nature of modern business, with personal data storage and processing being a daily part of working life within most departments.

Consent is Vital

The issue of consent has been under constant debate for quite some time now, raising all kinds of issues for many industries and departments, particularly the field of marketing. Following the introduction of GDPR in May, explicit consent will become a mandatory requirement. Organisations will need to seek ‘specific, informed and unambiguous consent’ from an individual before processing their personal data.

Breaches Demand Response Without Delay

When the new regulation comes into effect, businesses will have just 72 hours to notify their Supervisory Authority, as well as affected data subjects, of a data breach, and they must do so without undue delay.

This is a drastic difference compared with the non-existent breach notification requirements under the current data protection directive. To put this challenge into perspective, it can currently take many organisations up to 197 days to discover all of the material facts relating to a data breach.

DPO Demand is Greater Than Ever

Many organisations will now need to appoint a Data Protection Officer (DPO) in order to comply with GDPR. However, there is a real outcry for DPOs as they are in short supply. It is predicted that GDPR will require around 28,000 of these specialists around Europe.

Non-Compliant Cloud Apps

If your organisation depends on cloud-based applications to conduct business, you will need to look into the compliance of these platforms with GDPR, as they may pose a risk to your organisation’s compliance status. In July 2016, 98% of cloud-based apps were not GDPR ready.

GDPR poses a great amount of non-compliance risk to many organisations globally that actively target the EU market. If you’re interested in reading more of our blogs on GDPR topics you can find out more here.

Did you find this blog helpful? What are your main causes of concern with the introduction of GDPR?
