GDPR: Summoning the Bulldog Spirit
May 25 has come and gone, and the world has not ended.
So far there have been no companies prosecuted or fined for breaching the terms of the GDPR, and life is continuing as normal. Including continued data breaches. Recently Carphone Warehouse, a major UK retailer of mobile phone services, has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. And PageUp, a firm that manages millions of job applications around the world, suspects that it, too, has suffered a data breach—potentially affecting millions of job application records and other sensitive personal data.
So, to borrow from Winston Churchill: “… this is not the end. It is not even the beginning of the end. But it is, perhaps, the end of the beginning.”
A recent Verint webinar, hosted jointly with industry analyst Forrester, looked at what it will take to achieve and sustain a data protection regimen that will be consistently compliant with the GDPR.
It considered the sheer breadth of information that many organisations capture and the problems associated with managing the resulting unstructured data. It also reflected on consumer attitudes toward the use of their data, with Verint’s own research (Defining the Human Age: A Reflection on Customer Service in 2030) revealing that more than 70% worry about the amount of personal data held by organisations—and only 51% trust them to use it ethically and 58% would never deal with a business that had been subject to a data hack.
And with only half of businesses projected to have been compliant with the GDPR by May 25, and up to 24% expecting it will take them up to 12 months to become compliant1, perhaps they are right to be worried.
Compliance varies across industry sectors. By and large, those most used to regulatory oversight, such as the financial services and utility sectors, are the most prepared. The exception to this rule seems to be healthcare and the public sector, which are reportedly no better prepared than the retail, manufacturing and media industries.
In the webinar, Forrester’s Enza Iannopollo spent some time describing the key milestones along a route toward GDPR maturity. If you would like to review these in detail, you can watch the on-demand recording of the webinar here.
But as you continue to contemplate how best to ensure continued and reliable compliance with GDPR, it might help to bear in mind this quote from Tim Gough, Head of Data Protection at the UK publisher, Guardian News and Media:
“Good data protection normally enables you to do more things with data, not less.”
Or as Churchill put it: “A pessimist sees the difficulty in every opportunity; an optimist sees the opportunity in every difficulty.”
The GDPR has been hanging over us like a dark cloud for, perhaps, too long. Now that it is in operation, it is indeed only the “end of the beginning.” But if good data protection becomes the new normal, we can look forward to a future in which our businesses can use that data to drive new opportunities and continued expansion.
Let’s give Churchill the final word: “The nose of the bulldog has been slanted backwards, so that he can breathe—without letting go.”