GDPR – Our Experience
- Thursday, August 9, 2018
Author: David Marinelli
The General Data Protection Regulation (GDPR) has dramatically changed the data protection landscape for EU businesses and citizens when it came into effect on May 25, 2018. This new regulation has superseded the Data Protection Act (DPA) of 1998 and has strengthened data privacy in the EU. Personal data held by organisations on EU citizens is now subject to a strict compliance regime that gives these citizens control over their personal data, the justification for holding the data and the right to erasure or rectification of that data.
The arrival of these regulations was at first seen in the financial services industry as yet another burden on top of the already seriously onerous regulations being relentlessly piled on this already over-regulated sector. It seemed that this was the final blow in a death by regulation saga. Indeed it may well be that for some businesses. It all hinges on the ability an organisation has to move with these seismic changes and reinvent itself as a business set to survive in this futuristic landscape.
At DM Europe, having overcome the initial shock, we started to plough through the regulation, as one does, in order to understand what made these rules tick and how we were going to apply them to our organisation and data subjects. I will not pretend that this was easy or even enjoyable, but it was extremely useful and with unintended advantages. I will share our insights and realisations as we went through this process in the hope that it will give you confidence that you can indeed turn GDPR into an asset.