Are you ready for GDPR? 25th May is just the start…


Posted on: May 25, 2018 by Deborah Dillon

Today GDPR comes into force. But, much like the millennium bug, it might feel like an anti-climax. The clock keeps on ticking and your business keeps on moving.

So, what has changed?

  • First and foremost your business is stronger, not only through compliance but you also have a stronger and more transparent relationship with your customers.
  • You will have enabled digital transformation for your organization. The GDPR will have pushed you to better manage and own your data, which is a vital first step towards digitally transforming your business and accessing the possibilities of this such as better operational efficiency and customer service.
  • You will have developed a team structure for data management and accountability with strengthened security protocols and visibility.

Still unsure?

For those organizations who are still unsure and continue to have some doubt about their compliance. Don’t panic. A pragmatic, common sense approach will bring you into line. Follow the twelve steps on the ICO website remembering these three key principles:

  • Do I know where personal information is stored and how?
  • Do I know how it is coming into my organization?
  • Do my customers understand our privacy policy and are they giving affirmative consent?

Where next?

This is the start of a journey. When enforcement begins and we see some organizations taken to court and the level of fine imposed there will be renewed interest and nervousness from business, however, the interesting change will be with the customer.

People’s relationship with their personal data has already started to change. The Cambridge Analytica scandal and increased knowledge of Facebook’s involvement in political systems has seen a change in mind-set around what information people are comfortable to give away. In many ways GDPR anticipated this change of mood.

Ensuring that people can trust organizations to be careful with their data will provide a better and stronger relationship that could have many positive impacts. A willingness to share anonymised health data could lead us to significant research breakthroughs in improving treatments.

An example of this is with Genomics England who will complete an ambitious project this year to sequence the entire genetic codes of 100,000 people, who suffer from some of the world’s most debilitating rare diseases and common cancers. A project that is only possible because people have been willing to share their most personal data on the understanding that it will be anonymised and used for the greater good.

Offering people control over the destiny of their data doesn’t necessarily mean organizations will have less access to it. Conversely, it could mean a stronger and better relationship.

I’m excited to see what the future holds for the post GDPR implementation world.

Share this blog article


About Deborah Dillon

Data Privacy Lead
Deborah Dillon is Lead Auditor, Business & Platform Solution for Atos UK&I. She specialises in Information Governance, including the application and implementation of Data Protection processes and procedures across a wide range of organisational areas. She is a BSI accredited ISO 27001/2 Lead Auditor.

Follow or contact Deborah