General Data Protection Regulation

It’s all over the news: data breaches are becoming more common and more damaging. There’s a growing need for organisations to invest in cyber security and demonstrate to their clients that they take the issue seriously.

The EU General Data Protection Regulation (GDPR) takes effect in 25 May 2018 and organisations across the globe are preparing for the change. But according to the GDPR Report, 41.2% of respondents said the person responsible for their organisation’s compliance project doesn’t have a formal or relevant data protection qualification. A further 13% said they don’t know if that person is qualified or not.

Considering the numerous challenges that organisations will face when implementing the GDPR, we strongly advise that all organisations find a qualified individual to oversee the process.

If you can’t find a skilled employee to manage GDPR compliance, then you have to appoint an existing member of your staff.

No country is immune: The industrial economy is giving way, or has already given way, to the digital economy, where data is currency and there is insatiable demand for it. Recognizing this, governments around the world are passing new legislation to require that sensitive data, personal data, be adequately protected, transparently used, and that the rights of data subjects to maintain control of their data are not violated.

Leading the way is the EU’s General Data Protection Regulation, what many are calling the world’s most comprehensive privacy law, reaching across 28 Member States and encompassing virtually every way that data might be collected and used. However, we see any number of other national laws coming quickly on the GDPR’s heels, many of them modelled after it.

As every regulator is aware, of course, a law is only as good as the populace’s ability to comply with it, and the legal mechanisms of enforcement that back it up. With so many new laws coming onto the books, and with the GDPR’s vast reach, it is no wonder that we are seeing organizations and enforcement agencies alike racing to staff their data protection offices with qualified professionals.

How, we must ask ourselves, can we produce enough privacy professionals in time to fill all of the positions being created? Such, in part, is the mission of the International Association of Privacy Professionals, which has deeply explored this issue. We offer here an estimate of the scope of the demand and some thoughts on how it may be addressed.

Whereas consultancy services from Gavigs Ltd provide a structured approach that benefit from immediate expertise and guidance, most professionals find that training courses provide a practical and comprehensive understanding of the Regulation(s).