The Information Commissioner made an interesting observation about GDPR in her end of year summation on 22nd December 2017.
Elizabeth Denham commented that some businesses held the false perception that GDPR was on a par with the Y2K Millenium Bug worry that all systems would fail, which festered amongst business in the run up to New Year’s Eve 1999.
In a view which Amicus ITS shares, she commented that organisations that had taken steps to put in place preparations for GDPR, should not be concerned. This follows a notable increase in scaremongering stories and also profiteering activity during 2017 for ‘GDPR solutions’.
Ultimately, companies have had two years to prepare for GDPR – and all the details are known (unlike with Y2K) and 25th May 2018 is simply the date the legislation takes effect.
However the identification of risks, understanding and good data management (accompanied by transparency to explain and communicate individuals’ rights) will, the ICO believes, create a sea change of positivity over time, as organisations catch up and apply the appropriate security to keep data safe.
Being committed to good process measures and demonstrating accountability for data management will, for Amicus ITS’ Director of Technology & Governance, JP Norman create a clear sign of assurance, competence and insight, especially valuable for IT Managed Service Providers. “For an MSP, the word ‘solution’ is a dangerous thing in relation to GDPR. There is no panacea. GDPR is essentially about a collection of measures diligently applied to fully understand and map how data comes into an organisation, where it is held, where it goes to – and then ensure it is safely protected and managed appropriately at all times in an open and transparent manner for stakeholders”.
See JP Norman’s interview and thoughts on GDPR for CRN as part of their expert European panel and download the e-book for more information http://view.ceros.com/incisive-media/solarwinds-gdpr-1/p/3