In this week’s podcast, Cindy Compert, IBM Security’s chief technology officer (CTO) of data security and privacy, and David Jarvis, security and chief information officer (CIO) lead at the IBM Institute for Business Value (IBV), cut to the chase about General Data Protection Regulation (GDPR) compliance.
The GDPR Compliance Checklist
As Compert notes, many companies face a compliance divide between business units, with some departments, such as IT, pulling ahead of other teams, such as HR and marketing.
To shore up GDPR preparation, she recommends:
- Consulting expert legal counsel to determine business obligations under GDPR;
- Creating a cross-functional GDPR team to ensure companywide compliance;
- Reviewing privacy and customer consent policies; and
- Ensuring that compliance efforts are trackable, auditable and verifiable.
The State of GDPR Preparation
On May 16, IBM IBV released a new report about the state of GDPR preparation, and some findings are surprising. Offering a sneak peek, Jarvis reveals he was surprised that 60 percent of those surveyed seemed to take a positive outlook, saying they see GDPR compliance as a way to transform overall security management.
The upcoming report also tackles organizations’ uncertainties. Top spots went to concerns about ongoing changes to the legislation and the cost of compliance.
Take Action Today
For companies struggling to meet the deadline, Compert suggests taking immediate actions, such as scanning for unstructured data, re-evaluating website privacy notices and leveraging expert help. Cultural change that starts with the C-suite and becomes part of everyday operations is also critical.