editor ’ s question
?
fter four years
A of GDPR implementation , the journey has been bumpy but positive . Launched in 2018 , GDPR aims to harmonise how state members deal with data protection , helping citizens understand how their data is being used , and giving them rights over their data .
First , we saw the introduction of specific privacy roles such as the DPO ( Data Protection Officer ) to ensure the organisation complies with the laws regarding the individual personal data . This was the starting point for making organisations aware of the importance of securing personal data . The fact that organisations now have privacy-by-design mindset , ensuring data is encrypted , PII data is classified and correctly handled , is something that , before the GDPR , was seen as an extra cost .
Secondly , we saw a massive adoption of data lineage solutions , enabling auditing , accountability and allowing organisations to better understand the flow of data through a system . As we increasingly become a data-driven society and organisations consume huge amounts of data , it is imperative to understand how that data was generated , how it was processed and how it is used . As a result , data lineage solutions have grown tremendously over the past four years .
The purpose of GDPR was to provide transparency , compliance but also sanctions . The fines under the GDPR
One thing is certain , GDPR inspired many regulations around the world based on its model .
over the last four years have been huge , especially last year reaching millions of dollars targeting some key technology players . The sanctions also served to signal the scope of the GDPR , as there were criticisms of slow investigations , confusing processes and unclear responsible authorities in member states .
RICARDO FERREIRA , EMEA FIELD CISO AT FORTINET
One thing is certain , GDPR inspired many regulations around the world based on its model , and the EU will certainly benefit from its experience in its new laws on data , AI and digital services . As for GDPR , although it is slowly maturing , its success will be weighted on how it relates to other countries ’ requirements and becomes part of a harmonised privacy regulation across the globe . It is also important to make sure there is an appropriate framework for international data transfer so as not to harm the EU , due to restrictive measures from GDPR interpretation . Especially as data-reliant industries represent almost half of the European economy and the trend is for data-reliant industries to grow .
While there was a learning curve behind GDPR , we can now appreciate the positive and impactful aspects that it brought us . u
While there was a learning curve behind GDPR , we can now appreciate the positive and impactful aspects that it brought us .
30 www . intelligentciso . com