Skip to content


  • Add this article to your LinkedIn page
  • Add this article to your Twitter feed
  • Add this article to your Facebook page
  • Email this article
  • View or print a PDF of this page
  • Share further
  • Add this article to your Pinterest board
  • Add this article to your Google page
  • Share this article on Reddit
  • Share this article on StumbleUpon
  • Bookmark this page

Who should manage your GDPR project?

 To read the article in full click here

Saurabh Ghelani, a digital trust and GDPR expert at PA Consulting Group, is quoted in an article in CIO Magazine on the confusion around GDPR now that there is less than one year before it comes into compliance. 

In the article, Saurabh points out that GDPR compliance efforts need to go right to the top of the company: firms cannot be fully compliant without board involvement. “After all, eventually it is the board who is accountable”, explains Saurabh.

Saurabh advocates a cross-functional leadership team comprising senior representatives from all business areas, including marketing, customer service and procurement. “This will make implementing GDPR a success,” he says.

The GDPR is a game-changer. Learn how PA is helping clients make the most of this opportunity.

Find out more

Saurabh goes on to say that implementing GDPR is not a one-man show: “Embedding GDPR is not only the responsibility of the DPO; it’s also an organisational topic and needs support from all key functions.”

He explains: “The DPO or the legal and compliance functions may drive GDPR implementation initially. However, stakeholders across the personal data ecosystem have an equal part to play in the project as it will impact their roles and activities.” 

According to Saurabh, if a company has not yet appointed a DPO, the responsibility of driving the GDPR project should be with a senior management representative who has the “gravitas, mandate and visibility across the business”.

This could potentially be the COO or CEO, he says. “This type of role can leverage a company-wide network to implement GDPR in the most effective and efficient way,” concludes Saurabh.

Contact the data privacy team


By using this website, you accept the use of cookies. For more information on how to manage cookies, please read our privacy policy.