? editor ’ s question hen we look at the
W big picture , GDPR really has become a vital component of global privacy law . It set the standards for others to follow and it brought data privacy and data management into focus for everyone from citizens to enterprises and government institutions . Over the last four years , we shouldn ’ t underestimate the impact GDPR has had on highlighting the reasons that companies should take data-related issues more seriously and not put them on the backburner or leave them as an after-thought on their journey to being their ‘ best-self ’.
However , as data protection regulations expand from simply a ‘ citizens-rights ’ focus , many global organisations now find themselves struggling to manage the convergence of multiple data regulations across different regions and domains . This continues to impede progress on another key goal for their data , leveraging it to optimise growth and improvement . A key element of the
We shouldn ’ t underestimate the impact GDPR has had on highlighting the reasons that companies should take datarelated issues more seriously . latter is expanding the ‘ democratisation ’ of data and enabling greater self-service for the business in the strategic use of their data .
The convergence of GDPR and the need for a smarter , more data-driven enterprise has expanded the roles and responsibilities that are impacted by data regulations and created a new requirement for your regulatory response . Compliance has moved from the GRC team in the back room and their IT enablers to any and all data users of all stripes across the enterprise . This has resulted in organisations looking at data regulations more holistically and managing sensitive data in an environment where they can understand the unique requirements , impacts and manage any conflicts that may arise from the different viewpoints and drivers of said regulations . Part of this is increasing the literacy of data users around their responsibilities and providing wider visibility into impacted data . The other part is infusing the same visibility and literacy into the data and IT professional , building new data pipelines and applications so that they are compliant
DANNY SANDWELL , QUEST ’ S DATA STRATEGIST
GDPR has forced organisations to put sensitive data governance and regulatory compliance at the front and centre of their Digital Transformation efforts .
on day one and don ’ t risk costly missteps and expensive re-work . GDPR has forced organisations to put sensitive data governance and regulatory compliance at the front and centre of their Digital Transformation efforts .
What ’ s also changed in four years is that there is a much greater focus on the physical geographical location of data . Thankfully , cloud providers are no longer spinning their heads around in response to many organisations ’ specific regional hosting needs . With the various compliance , auditing and breach notification requirements under GDPR better understood , the major cloud providers are equipped to help organisations navigate and advise along the way .
This holistic approach to GDPR compliance will drive further innovation . In continuing efforts to mitigate risk , organisations will demand ‘ out of the box ’ compliance in the data and services they procure in order to relieve the burden . It will start as a competitive advantage for the innovators on the supply side and then commoditise into the cost of doing business . www . intelligentciso . com
29