The EU General Data Protection Regulation (GDPR) has transformed how organisations around the world handle individual privacy. And that change presents an opportunity to drive more value from data.
Organisations have a choice. They can treat the EU GDPR as just another compliance issue. Or they can use its requirements to manage personal data in a way that will help make more informed decisions and create a better experience for customers and other stakeholders.
In either case, compliance is mandatory for all organisations that handle personal data of anyone in the EU. And the penalties for not complying with the GDPR are up to 20 million euros or four per cent of global annual turnover. Given the rewards for using data responsibly and intelligently, and the risks of not doing so, it’s obvious the regulation shouldn’t be treated as a tick-box exercise.
We are now seeing several other countries following the lead taken by the EU and putting in place similar privacy legislation. Many global organisations are realising that regardless of rules and regulation, robust data privacy should sit at the heart of their business to build trust, protect their customers and reputation, and drive forwards.
That’s why we’re working with organisations around the world to understand how the systems and processes needed for the GDPR, and other data privacy legislation, can create opportunities to improve decision-making and customer experience.
The EU GDPR has made major changes to the old Data Protection Act, including a fundamental alteration to the way organisations manage personal data. Essentially, the GDPR means organisations need to take a more proactive approach to managing personal data.
While we see eight key features of the regulation, we’ve identified three priority areas for organisations to focus on:
The EU GDPR has become the gold standard for individual privacy and many governments around the world are following similar privacy legislation. While it applies to any organisation that handles the personal data of people in the EU, the opportunities of complying for organisations that aren’t compelled to are immense.
Customers will be won-over by the commitment to privacy and security. It’ll be easy to capitalise on any opportunities that arise in Europe. And the improvements in data management will generate new insights.
So, whether the question is about the impact of Brexit on GDPR or whether American companies should improve individual privacy, the answer is that GDPR compliance brings big benefits.
Our diverse team of experts – covering data protection, cyber security, regulation and compliance, risk management, and business change – will design and implement a sustainable privacy and data protection programme that takes into account the GDPR and other privacy regulations and legislation.
We focus on embedding privacy in a way that maintains long-term compliance while generating business benefits from data. This approach put us at the forefront of GDPR implementation from the outset. Having successfully completed a wide variety of privacy and GDPR projects, we’ve gained an in-depth understanding of the complexities of integrating data privacy into operational environments. Our recent data privacy experience includes:
Latest client story – Trunomi: Meeting the challenge of new data protection regulations.