As selected by our Content Manager, Caitlin Burns.
There is no question that the GDPR has fundamentally changed how businesses capture and handle personal information. It has made people more aware of their rights regarding data privacy and given them greater capacity to exercise these rights. As a result, CTOs and others responsible for GDPR compliance are under huge pressure to minimize the risk of a data breach occurring.
So, what can be learned from the action – and inaction – of businesses in the first 12 months of the GDPR?
Know what your customers are thinking
Part of doing business in a post-GDPR world is meeting the expectations of your customers when it comes to protecting their data. So, it’s essential you know what their expectations are.
HubSpot partnered with the McIntire School of Commerce at the University of Virginia to evaluate how people’s attitudes have or haven’t changed since the GDPR came into effect. The study also takes a close look at the differences between EU and U.S. consumers’ perceptions, and how the GDPR may have influenced them. The resulting report is well thought out and engaging, offering great insight into the current climate.
Follow the money
Much of what’s been written about the first year of the GDPR centers on the fact that, despite a lot of hype, huge fines simply haven’t happened. The fines, designed to be a major incentive to businesses to comply, could reach up to €20m or 4% of global revenue. This article on Slate explains how the GDPR has failed to implement these financial penalties and why it matters.
Ask the experts
CTOs and IT Managers face specific challenges when it comes to data privacy and protection, like getting buy-in from the C-Suite and maintaining secure IT infrastructure. Thirteen IT experts weigh in on how IT decision makers are weathering the GDPR storm one year on, and what needs to be done differently moving forward.
Do a health check
GDPR is more than an attitude about data privacy; it is about compliance. It is procedures and processes that affect the day-to-day operations of a business. As part of its GDPR Periscope series, Lexology published practical tips for managing breaches and breach notification written by contributing law firm TLT LLP. Read it now for a refresher on the proper steps to take in the event of a breach.
We partnered with GDPR Specialist and Business Technology Consultant Tim Hyman to publish a guide to one of the biggest threats to GDPR compliance – non-searchable content. Fill in the form to get your copy of the guide and take the first steps to minimize the risk.
About the author
Caitlin Burns is DocsCorp's content manager and is based in our Sydney office.