It seems like everyone is talking about the General Data Protection Regulation (GDPR), but how many organizations are actually in a position to be compliant by the May 25 deadline? While GDPR has been a hot topic for months, only 101 days remain until this new data governance regulation goes into full-effect. Those that aren’t compliant risk severe financial penalties – €20 million (about $24.8 million USD) or 4 percent of annual global turnover (whichever is higher), to be exact.
While organizations outside of the EU may think they’re off the hook, GDPR doesn’t merely apply to EU businesses, but any organization processing personal data of EU citizens, including name, IP address, location and even religion and ethnicity, among other information. That said, organizations should be taking real steps to improve how they collect and manage data.
GDPR is about following sensible information management practices and compliance, and will therefore require practical steps which both improve organizational awareness and the practices that make it more likely people will follow the rules. In a recent webinar, “GDPR Compliance - Practical Strategies for Information Governance,” we cover all things GDPR – from what it is and why it’s important, to seven actionable strategies that organizations can implement to meet the new requirements, including:
- Obtaining consent for personal data collection
- Storing personal information centrally
- Auditing personal information your organization possesses
- Making personal information easy to find
- Designing for privacy
- Creating a practical record management process
- Deleting data when required
Improved data management and information governance has always been a good practice, but now it’s becoming critical for GDPR compliance. To learn more about getting your organization up to speed, listen to our webinar here, or download our new whitepaper, ‘7 Tips for GDPR Compliance.’