GDPR did not stop on 25 May 2018

The fact that the General Data Protection Regulation (DSGVO) is one of the most important compliance regulations that Europe has met in recent decades is beyond doubt. Introduced to address the changing age of privacy on the Internet, it was both overdue and urgently needed to ensure consumer privacy.

Although the organizations have prepared for the deadline of May 25, 2018, it is important to know that May 25 was just the beginning of the DSGVO requirements and not the end point. What should companies know after May 25?

Long overdue legislation

GDPR is an essential piece of legislation. Since European Union (EU) privacy laws were last addressed in the 1990s, the world in which we live and work has changed beyond recognition. The internet was just in its infancy at the time, but now it is the basis for almost everything consumers do. We generate data with every click, swipe and website visit on a multitude of tools, from smart watches to tablets and mobile handsets to a whole array of Internet-of-Things (IoT) devices.

This data can used to identify us and the existing laws were not fit for purpose. After 25 May however, EU consumers will be able to extract their data from an organisation at any time they wish. The organisations that hold consumer data have to alert people within three days if their data is hacked, and they also must allow people to move their information to other providers immediately.

So after what feels like years and years of build-up, the deadline of 25 May 2018 is fulfilled. However, recent research by NetApp in Europe and the US revealed that 67% of businesses were concerned they would not meet the deadline, and only 40% of organisations felt confident they knew where their data was stored.

Modern compliance must on-going

This lack of preparation is alarming as May 25 has passed, but does not mean the end of DSGVO compliance.  New data on EU consumers will continue to be generated in vast volumes and all of this data flowing into and out of an organisation must to comply with GDPR, and will continue to do so.

Yet there is a fundamental flaw with the way some organisations approach compliance, as if it is a project that begins and ends on a certain date. That is not a realistic take on GDPR, and the reality is that modern compliance – and especially GDPR – is an on-going process.

Any organization that was fully compliant by the deadline of May 25th had to work hard to achieve this,  and those that are not ready will have to work doubly hard to complete their readiness, or face massive fines that could derail any business.

Digital compliance is the only viable solution

Bearing that in mind, the only realistic way for any organisation to manage on-going GDPR requirements effectively is via a digital platform that uses a process-driven approach to guarantee compliance. OXIAL recently launched the OXIAL GDPR EXPRESS, to meet this growing market demand.

Such a platform can help with key elements of GDPR, such as: where personally identifiable information (PII) is stored; where data enters an organisation; what needs to happen to it; how to keep it safe; and is responsible for it.

The OXIAL GDPR EXPRESS and accompanying digital approach provide an organisation with true peace of mind that GDPR requirements are going to be met, and that the processes are ready for compliance on an on-going basis. That peace of mind is essential because GDPR did not stop on 25 May – it was only the beginning of a continuous compliance requirement.

OXIAL’s New Generation GRC solutions are entirely built to address some of the greatest challenges impacting organisations that

are faced with Risk Management, Internal Control and Compliance and Audit. OXIAL’s integrated GRC platform enables

organisations to become more efficient and effective in mitigating risk by integrating and automating GRC processes on a global

scale.

Featuring intuitive and powerful tools that make it possible to respond to fast-evolving risk environments, OXIAL makes it easy to

synchronise corporate governance, enterprise risk management and corporate compliance activities and undertake real time

monitoring across all business and IT processes and company assets. OXIAL operates globally across multiple industries and

meets the needs of over 40 customers who have chosen OXIAL to drive business performance and achieve success.