The GDPR Deadline Was By No Means a Finishing Line: So What Happens Now?
The two-year anticipation for 25th May 2018 is now over, and the deadline for GDPR has passed. Businesses are breathing a sigh of relief because the panic to become GDPR ready is over and users are relieved because the barrage Stewart Room, lead partner for GDPR and data protection told ZD Net “if people regard May 25 as a finishing line, that's an error: this is a perpetual legal regime which will require constant work and improvement". Find out what you can expect in a world beyond the GDPR deadline. of private policy e-mails should finally end. But is it over? What does the world look like after the GDPR deadline?
Stewart Room, lead partner for GDPR and data protection told ZD Net “if people regard May 25 as a finishing line, that's an error: this is a perpetual legal regime which will require constant work and improvement". The deadline, after all, was the deadline for companies to be GDPR ready, or in other words to have a plan in place to become compliant. GDPR itself does not have a deadline, it is something that must form a part of company policy and be engrained into company data processing.
What will change for businesses?
- Company-wide Awareness: Now businesses have, or should have, a policy in place, the focus will now be on putting that policy into practice. It is about making sure your employees know their role in making sure the company is compliant and integrating this policy into your general business training.
- Monitoring and reporting: Part of GDPR is the obligation for businesses to report a data breach within 72 hours of its discovery. Stewart Room also told ZD Net that he believes "breach notifications could go through the roof” as companies panic about concealing any information that could put them at risk of non-compliancy. This is common with any new policy, Room says, and it is normal for ‘over-compliance’. GDPR is a learning process for everyone and companies will learn what is necessary to report and what is not.
- Transparency with your clients: This is the main aim of GDPR and a great benefit for businesses, being GDPR compliant means a greater level of trust and respect between a business and its clients. Making sure your client knows how you will protect their data and that you are compliant is a great way to build your reputation. It was revealed that this is the main source of concern for SMEs because they are more worried about their reputation for non-compliance in GDPR than fines.
What will change for users?
Users have a nicer period ahead of them as this act has given them further control over their data. A report from the7stars has revealed that almost two thirds (63%) of users confirmed that GDPR has made them ask themselves ‘how much data others are holding on me’. More than half (57%) will think twice before giving companies access to their data. Once users have made it through the backlog of e-mails asking them to opt-in to marketing e-mails, they can enjoy a process similar to a ‘spring clean’ in reviewing who has access to their data and asking for companies to erase their data from their database.
Overall we can see that GDPR was worth all the stress and headache of the last two years, There are great benefits for businesses in promoting their compliance to make them more trustworthy and improving their relationship with clients; for users this policy brings them to a more even level in the advertising industry, giving them more control over how their data is used. GDPR is a learning process, but companies have no need to panic as long as they have a policy in place and are making a conscious effort to evolve the policy to meet new needs and as they learn more about compliance.
If you have any concerns about compliance feel free to get in touch with us at Xenace, as we pride ourselves on our expertise in security we can help you to become compliant through both our managed IT support package as well as through protecting your company data against phishing attacks through our interactive training platform Phishwise. Just drop us a message to find out more information about either of these services.