RC: In your experience, are companies acknowledging that the requirements of the General Data Protection Regulation (GDPR) constitute a major issue? Do many fail to realise the amount of work involved or the time it will take to become GDPR compliant?

Morrissey: The GDPR is a significant evolution of the current data protection law, with greater emphasis on accountability, transparency and consumer control and, in most cases, this demands significant changes to business practices. Most organisations do not fully recognise the amount of work required or the time it will take to become GDPR compliant, and to maintain compliance on an ongoing basis. It is true that effort is required; however, the GDPR should not be viewed with dread. In fact, if companies get their ducks in a row now, being compliant can provide great benefits and opportunities to a business, such as improved customer loyalty. There is a suspicion in the industry that in early 2018 there is going to be a significant realisation that the GDPR is not something to be ignored. However, for some organisations, it might take headline case studies of the regulator issuing penalties to get them to take notice.

Jan-Mar 2018 Issue

Sytorus Ltd