With just under a year until it’s implementation, businesses need to start focusing on the opportunity of GDPR and how to best place themselves to take advantage of its benefits, says Ruaraidh Thomas, Managing Director, Applied Analytics, DST.
With a tsunami of regulation coming into full force, businesses can be forgiven for feeling rather overwhelmed, particularly those within the financial services space. With one year to go before we see the implementation of the EU General Data Protection Regulation (GDPR), there is a focus on the lack of preparation from firms to be ready. It is of paramount importance that all affected organisations spend the time until May next year getting GDPR-ready and compliant. Ignorance will not be viewed as an excuse for non-compliance.
The ever-changing landscape of data usage means an update to the previous Data Protection Directive is understandable; to bring legislation into line with the way businesses and people currently use their data. In terms of financial impact, any regulatory breach could be accompanied by potentially eye-watering penalties; firms will be fined up to 4 per cent of their annual global turnover should they be found to be in breach of GDPR.
However, despite the inevitable costs in compliance, both in terms of time and money, GDPR will allow businesses to gain a better understanding of their data and how it can be used for potential benefits and efficiencies. Indeed, according to the EU, having a handle on compliance matters could save businesses £2.3 billion a year*. We therefore believe the conversation should turn away from the cost of compliance and instead focus on why investing in GDPR will ultimately benefit businesses.
With GDPR around the corner, it has never been more important to root respect for privacy within the culture of a business. The capabilities of what data can achieve are often severely underestimated. Curating a culture where a business can at least start to understand what these capabilities may be, will not only help safeguard data, but allow businesses to cultivate it to its own advantage. Because of this, and the potential magnitude of costs for non-compliance, GDPR needs to stay firmly on the C-Suite agenda.
Ultimately companies which view GDPR as an opportunity to empower their business and leverage the value of their data, rather than simply more red tape, will be well placed to develop a competitive edge over those which only see GDPR as a pure cost burden.
The GDPR Summit London, the UK’s largest GDR Conference, is being held on January 9th. This one-day deep-dive event will explore the effects of the General Data Protection Regulation on business critical processes. Click here to learn more.