To read the article in full click here
Saurabh Ghelani, a digital trust and GDPR expert at PA Consulting Group, is quoted in an article in CIO Magazine on the confusion around GDPR now that there is less than one year before it comes into compliance.
In the article, Saurabh points out that GDPR compliance efforts need to go right to the top of the company: firms cannot be fully compliant without board involvement. “After all, eventually it is the board who is accountable”, explains Saurabh.
Saurabh advocates a cross-functional leadership team comprising senior representatives from all business areas, including marketing, customer service and procurement. “This will make implementing GDPR a success,” he says.
The GDPR is a game-changer. Learn how PA is helping clients make the most of this opportunity.
Saurabh goes on to say that implementing GDPR is not a one-man show: “Embedding GDPR is not only the responsibility of the DPO; it’s also an organisational topic and needs support from all key functions.”
He explains: “The DPO or the legal and compliance functions may drive GDPR implementation initially. However, stakeholders across the personal data ecosystem have an equal part to play in the project as it will impact their roles and activities.”
According to Saurabh, if a company has not yet appointed a DPO, the responsibility of driving the GDPR project should be with a senior management representative who has the “gravitas, mandate and visibility across the business”.
This could potentially be the COO or CEO, he says. “This type of role can leverage a company-wide network to implement GDPR in the most effective and efficient way,” concludes Saurabh.