GDPR Compliance

Preparing for General Data Protection Regulation

The incoming General Data Protection Regulation (GDPR) is the most significant shake up in data privacy regulation in 20 years, with the punitive penalties for violation leaving your business liable for tens of millions of pounds, euros, dollars or, up to 4% of annual turnover - whichever is greater.

The EU GDPR directive is now a top agenda item for any business entity which uses data and is involved with European personal data, regardless of their geographic location.

Businesses which do not comply by 25 May 2018, risk damaging their reputations and long-term growth prospects.

The Impact of GDPR for Business

The GDPR will impose regulatory and citizen control over personal data: which has become a vital business asset in our digital, globalised economy.

The new compliance obligations include strident rules which make obtaining data and consent of personal data use far more complicated with greater liabilities.

Furthermore, there are new obligations for transparency, including breach disclosure requirements, the reporting of security and confidentiality breaches to the regulators and the people affected. Organisations must now get to grips with the risks of misusing personal data to follow best practices, or be in breach of GDPR.

I Stock 505257266

We have identified the key changes of GDPR which entities will need to prioritise when adapting their strategies and compliance processes:

  • Right to be Forgotten - The public will be able to demand the right to have their personal data deleted and destroyed by organisations.
  • Data Portability - An individual shall have the right to receive their personal data concerning them, and have the right to transmit the data to another entity without hindrance from the original entity.
  • Greater access to Data - GDPR gives people new rights over their personal data, which can be used against organisations in court.
  • New powers for Data Protection Enforcers - Regulators will have considerable new powers, enabling them to intervene more readily in entities operations, and have the authority to impose harsher fines for non compliance.
  • Power Shift - With the sweeping changes to the laws, informed customers will be emboldened to pursue complaints before regulators.

Our GDPR Compliance Services

As specialists in data, we have the multi-disciplined expertise to help your business navigate the upheaval which GDPR will cause. We’ll also ensure that you are properly protected from the risks that non-compliance and breaches represent. The Comma team are data experts and take a data first view on GDPR:  if you are able to prove that your data is understood and is under control then compliance falls naturally into place.

We service clients in 3 key areas:

1. Discovery

Discovery involves using advanced discovery tools (and interviewing people) to understand where personal data lives across your enterprise and cataloguing the results. If done correctly this may be all you need to respond to data access requests and to purge on demand - although it’s time-consuming and manual.

2. Readiness

Readiness involves using data quality tools and external data sources to improve the quality of your data. Once discovereddata can be compared between systems and to validated sources. We use our partners Experian, D&B - to give a level of confidence that, when challenged, you avoid returning inconsistent data.

3. Governance

Governance introduces policies, processes and technologies to control the distribution, use and accuracy of personal data, and to give you a single port of call to find (and purge) personal data. This could involve the implementation of technologies such as Master Data Management to give a single view of a person.

The ramifications of GDPR in 2018 can seem daunting. The sooner you prepare your business for the inevitable, the better your strategies and culture for compliance will be.

I Stock 505257266

Need help with GDPR compliance?

Contact our team of specialist General Data Protection Regulation Consultants today.

Our team of specialist General Data Protection Regulation Consultants can provide you with more information about Comma Group’s GDPR services. Is your business GDPR compliant? If you have any questions you would like to ask, feel free to contact us.

Book An Assessment