Close
  • Home
  • Applications
      • Asset Management
      • Business Intelligence
      • CEM
      • Cognitive
      • Compliance
      • CRM
      • Data Center
      • E-Invoicing/E-Billing
      • Enterprise Communication
      • Enterprise Mobility
      • ERP
      • Facility Management
      • GDPR
      • Human Resource
      • Information Security
      • ITSM
      • Managed IT Services
      • MarTech
      • Payment and Card
      • Procurement
      • RegTech
      • Risk Management
      • RPA
      • Software Testing
      • Unified Communication
  • Verticals
      • Automotive
      • Casino Tech
      • Contact Center
      • Enterprise Startups
      • Field Service
      • FinTech
      • Healthcare
      • Legal Tech
      • PropTech
      • Telecom
      • Travel and Hospitality
  • Technologies
      • Agile
      • Artificial Intelligence
      • Augmented & Virtual Reality
      • Big Data
      • Blockchain
      • Cloud
      • Data Analytics
      • DevOps
      • Drone
      • HPC
      • IoT
      • Robotics
      • Smart City
      • Storage
  • Company Eco System
      • Adobe
      • Dassault Systemes
      • HPE
      • IBM
      • Microsoft
      • Oracle
      • Salesforce
      • SAP
  • News
  • conferences
  • Newsletter
  • Specials

  • Menu
      • Big Data
      • Blockchain
      • Casino Tech
      • CEM
      • Cloud
      • CRM
      • DevOps
      • Drone
      • Facility Management
      • GDPR
      • IoT
      • Legal Tech
      • Oracle
      • PropTech
      • RPA
  • Blockchain
  • Cloud
  • CRM
  • Drone
  • Facility Management
  • IoT
  • Oracle
Specials
  • Specials

  • Big Data
  • Blockchain
  • Casino Tech
  • CEM
  • Cloud
  • CRM
  • DevOps
  • Drone
  • Facility Management
  • GDPR
  • IoT
  • Legal Tech
  • Oracle
  • PropTech
  • RPA
×
#

CIO Applications Europe Weekly Brief

Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from CIO Applications Europe

Subscribe

loading
  • Home
  • Cyber Security
Editor's Pick(1 - 4 of 8)
left
The Tao of Cyber Security in today's reality

Marc DeNarie, CIO, NaturEner USA & Canada

Security and Compliance-Focused IT Approach-Key For Business Success

Daniel Hughes, CIO, Elementis Global

Cybersecurity in a Connected Government

Behzad Zamanian, CIO, City of Huntington Beach

Conducting Cloud Operations Economically

Scott Crowder, SVP & CIO, BMC Software

Service Driven Technology

Les Ottolenghi, EVP & CIO, Caesars Entertainment

Addressing Cyber Security Strategically

David L Stevens, CIO, Maricopa County

IT- A Game-changer in Cybersecurity

Tammy Moskites, CIO and CISO, Venafi

The Realities of Cybersecurity

Doug Mullarkey, CIO, First Choice Loan Services Inc.

right

THANK YOU FOR SUBSCRIBING

Are European Businesses Ready for the EU General Data Protection Regulation (GDPR)?

By Dominic Johnstone, Head of Information Management Services, Crown Records Management

Tweet
content-image

Dominic Johnstone, Head of Information Management Services, Crown Records Management

With the EU General Data Protection Regulation (GDPR) drawing ever closer—it will come into force in May 2018—there remain serious question marks over whether businesses across the continent are ready for its arrival.

The regulation will give EU citizens new rights over their personal data, including the right to ask for it to be edited or deleted, as well as bringing in huge fines for data breaches. So, the challenge for all businesses comes from the need to know exactly what data is being held and where it is before taking further steps to make that database searchable and editable.

For some companies there is no doubt that it is a daunting prospect. Businesses which have large amounts of data stored on paper face a particular challenge because the regulation applies not only to digital information but to all personal data however it is kept. Larger businesses will need to appoint a Data Protection Officer before next May and all will be required to build ‘privacy by design’ into their data policies and gain clear consent before collecting the personal data of EU citizens from now on.

The bottom line is that all those changes require significant investment to allow information management systems to be updated and hardware upgraded. So, perhaps it should come as no surprise that many businesses have been delaying preparations.

A Crown Records Management Survey, undertaken by Censuswide, polled 408 IT decision makers in companies of between 100 and 1,000 employees in the UK earlier this year and found that a quarter of businesses had cancelled preparations for GDPR while they waited for Brexit. This has proved to be a mistake because the UK has since passed the UK Data Bill, which mirrors many of the principles of the GDPR, and Brexit has moved so slowly that Britain will still be part of the EU when the regulation comes into force on May 25.
Additionally, companies have quickly realized that even businesses based outside the EU will be affected in future if they handle the personal data of EU citizens.

What many businesses seem to be missing is that there are also significant business benefits arising from updating information management policies and becoming GDPR compliant


You have to ask, then, why businesses are not doing more to prepare and whether an underlying ‘head in the sand’ culture is leaving them vulnerable. The Crown Records Management Survey painted a worrying picture when it came to attitudes to data breaches, for instance, and suggested many of the UK’s data breaches are currently going unreported.

The most hard-hitting statistics include:

• 32 percent know someone in their company who has not reported a data breach
• 31 percent have delayed reporting a data breach to senior management or the appropriate authorities
• 29 percent have chosen not to report a breach to senior management or the appropriate authorities
• 27 percent know someone in their previous company who has not reported a data breach
• 14 percent don’t know who to report a breach to
• 8 percent don’t know what constitutes a data breach

Some of these statistics are shocking and suggest that data breaches may be far more common and more widespread than many people realize. That’s a big issue when you consider GDPR will bring in fines of up to 20m Euros or 4 per cent of turnover for data breaches in future. It also provides a strict timescale for the reporting of breaches (within 72 hours).

There appears to be a culture inside many companies that the best response to a breach is to ignore it or keep it quiet. Perhaps this comes from a fear of the loss of reputation which can be experienced when breaches are publicized. Or perhaps it is simply down to lack of clear procedures and information management in the business. Either way, the implications are serious. It is absolutely vital that businesses tackle this culture of secrecy because in future failing to report a breach will simply not be acceptable. In fact, it shouldn’t be acceptable now. Having a clear data protection and information management programme in place is vital for businesses to avoid these kind of problems. It should be very clear who is responsible for reporting breaches and who they should be reported to.

What many businesses seem to be missing is that there are also significant business benefits which arise from updating information management policies and becoming GDPR compliant. These include de-risking the business, cutting the cost of storage, and unlocking hidden value in data.

There is a strong belief in the industry that companies which can prove they are good custodians of personal data will gain a significant advantage over market rivals in future.

The ‘head in the sand’ approach could not only put reputations at stake but also see businesses miss out on future opportunities for growth.

Read Also

Service Driven Technology

Service Driven Technology

Les Ottolenghi, EVP & CIO, Caesars Entertainment
Addressing Cyber Security Strategically

Addressing Cyber Security Strategically

David L Stevens, CIO, Maricopa County
IT- A Game-changer in Cybersecurity

IT- A Game-changer in Cybersecurity

Tammy Moskites, CIO and CISO, Venafi
The Realities of Cybersecurity

The Realities of Cybersecurity

Doug Mullarkey, CIO, First Choice Loan Services Inc.

Weekly Brief

loading
cxoinsights
Top 25 Cyber Security Companies - 2017
ON THE DECK

Cyber Security 2018

Top Vendors

Top Trending News

  • How can European Providers Outdo Global Cloud Computing Suppliers?
    How can European Providers Outdo...
  • How Europe Plans to Minimize 5G-Induced Risks
    How Europe Plans to Minimize...
  • Top 3 Tech Innovations Striding in the European HR Industry
    Top 3 Tech Innovations Striding in...
  • 4 Latest Enterprise Mobility Trends to Follow
    4 Latest Enterprise Mobility Trends...
View More ›

Copyright © 2019 CIOApplicationsEurope. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy |  Sitemap |  Subscribe |  About Us

follow on linkedin follow on twitter follow on rss
This content is copyright protected

However, if you would like to share the information in this article, you may use the link below:

https://cyber-security.cioapplicationseurope.com/cxoinsights/are-european-businesses-ready-for-the-eu-general-data-protection-regulation-gdpr-nid-53.html