The sky has not fallen. The Internet has not stopped working. The multi-million euro fines have not happened (yet). It was always going to be this way. A year has gone by since the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’) became effective and the digital economy is still going and growing. The effect of the GDPR has been noticeable, but in a subtle sort of way. However, it would be hugely mistaken to think that the GDPR was just a fad or a failed attempt at helping privacy and data protection survive the 21st century. The true effect of the GDPR has yet to be felt as the work to overcome its regulatory challenges has barely begun. So what are the important areas of focus to achieve GDPR compliance?
An essential ‘GDPR To Do’ list for the months ahead looks as follows:
Ultimately, the key point to remember is that meeting the GDPR’s requirements is an ongoing endeavour. One could never regard it as a job done. Having adopted a GDPR compliance programme, organisations need to keep it alive without ever losing focus of what matters most and how the law is evolving. Complete certainty might be an unachievable goal but being alert to the practical priorities and getting on with the work will go a long way.
This article was first published in Data Protection Leader (May 2019).
Authored by Eduardo Ustaran
Are you sure want to delete comment ?
Scan this QR Code to share this content