The European Union's wide-ranging General Data Protection Regulation goes into effect in May 2018. Companies are scrambling toward implementing GDPR and its 99 articles.
To reach GDPR compliance, many companies must make significant changes to their business practices around collecting and storing data or face stiff penalties. It's not simply for European companies; any organization that has collected data on EU citizens will have to follow GDPR requirements.
It seems like every day now, there's a new study that shows businesses are woefully underprepared for implementing GDPR. Here's a sampling:
Among more than 4,000 mainly European startups polled in a survey commissioned by email service provider Mailjet and published in January, the average GDPR readiness score was 4.1 out of 10. And according to a late 2017 Commvault survey of 1,200 IT executives and personnel in Europe, Asia and North America, 47% said their company is well-prepared for implementation of GDPR.
That second statistic is certainly an improvement from this time last year, but it still leaves half not prepared enough for GDPR requirements.
Data protection vendors are trying to help companies implementing GDPR. For example, Veritas' Integrated Classification Engine uses machine learning to identify sensitive and personal data.
Expect data protection vendors to continue attacking this problem and trying to help their clients with compliance long after GDPR goes into effect. Implementing GDPR should be more than just checking off boxes, and organizations should make sure they're doing it right. In the end, this process can help an organization improve its handling of customer data regarding protection, compliance and management, just to name a few.
How do you make sense of all the information out there about GDPR? This handbook will provide details on its key data protection requirements and what vendors are doing to help.