The Human Face of Data: Why GDPR Compliance Demands a Shift in Culture
When we’re studying spreadsheets and click through rates it can be easy to forget that every instance of data originates from a fellow human.
On Tuesday May 29th , like any other day, Alex sends out a weekly newsletter style email update to the same old contact list, letting them know about the new and upcoming deals the North American Branch of company X has to offer. That afternoon, in the process of helping a new intern with some training, Alex emails over a file with information on that same list of contacts and their details to use as part of an analysis demonstration.
How many red flags did you notice?
The General Data Protection Regulation (GDPR) is a set of data privacy laws affecting the European Union and organizations conducting business with the EU. All businesses that process the data of citizens of the EU are required to take steps towards compliance by May 25th 2018.
It’s been predicted that 80% of firms will not fully comply with GDPR by May 2018[i]. Compliance takes technical form in systems, policies and processes put in place to ensure data protection, ongoing data subject consent and employee training. Compliance also takes form in a shift in how employees understand and approach the use of data; A shift in culture fueled by understanding why and how GDPR relates to every line of business.
Shifting towards Privacy by Design
Any shift in culture starts with education and succeeds with accountability. Once teams gain an appreciation for how GDPR affects daily operations, turning enlightened processes into practice throughout all levels of an organization will go a long way in supplementing the large sweeping security and database that are likely already underway.