GDPR is in effect, so what happens now?

A lot has been said about the General Data Protection Regulation (GDPR) that has come into effect from May 25, 2018. In the digital world, trust is invaluable, and customers, employees and all other parties will expect organizations to be responsible while using their data and in safeguarding it. Lack of trust in digital ecosystems brings in more challenges for companies to liberally use processes or share data in today’s digital economy. An ethos of data security and privacy by design is required for limiting exposure to adverse risks and protection of new business models. High ethical standards and strong digital trust will act as differentiators for companies in order to outpace their competition and to achieve better business outcomes.

A few organizations have taken steps in order to be GDPR-compliant with appropriate investments in technologies and processes. However, we find there are many organizations who are still in a period of adjustment, and where awareness on GDPR is building up, but not enough.

What will be the next steps to become GDPR complaint? We will see convergence in efforts towards GDPR-compliance along with a sharp focus and investment on data governance strategies and technologies. Companies will:

Analyze gaps in GDPR-compliance and come up with a roadmap plan that is agile and executable and which can be completed within a reasonable amount of time.
Put a firm strategy in place to adopt technology solutions that plug gaps in data discovery, data security and processing of rights and consents. Organizations will have to navigate through their vast data ecosystems to discover personal data and put in place mechanisms to protect it.
Strengthen transparency in demonstrating how the data is being used and document data processing capabilities.
Sharply focus on a “new data governance strategy” with data security and a “trust based model” as key drivers. Data strategies will evolve from being “truth-based” to “trust-based” and importance shall be given to centrally controlling the most critical and commonly used reference data than seeking absolute control of all the data attributes and measuring them on quality, consistency and completeness.

What are your views on measures that your organization needs to undertake in order to comply with the GDPR?

About the Author

Harshad has over 16 years of experience in Financial Risk and Compliance, Analytics and Information Management. His experience spans the spectrum of risk and compliance that includes a) Regulatory Reporting, b) Compliance - GDPR, BCBS 239, IFRS 9, SR 11/7, MiFID II, Sec 17 a-4, LEI, FRTB, Basel II / III, CCAR / IHC, FATCA / CRS and c) Quants areas - Model Development, Model Validation. He has played a key role in helping many Fortune 500 companies shape up their data strategies and implement solutions for risk and compliance.

Service Offerings

Client Themes

Service Offerings

Client Themes

Our Global Presence Global Site

Our Global Presence Global Site

Our Showcase Pages Locations

GDPR is in effect, so what happens

now?

About the Author

Service Offerings

Industries

Digital

HOLMES

Innovation

Contact Us

About Wipro

Location

Leadership

Investors

News and Events

Blogs

Partner Ecosystem

Careers

Sustainability

Contact Wipro