EU General Data Protection Regulation
16 February 2018
The EU General Data Protection Regulation is coming – what should we do?
The EU General Data Protection Regulation (GDPR for short) comes into force in May 2018. However, many businesses are only just beginning their preparations for implementing the provisions of the GDPR. How can businesses use the time now remaining until May 2018? Which typical obstacles present themselves for a business when trying to implement the GDPR?
There is the threat of stiff penalties and significant reputational damage
Most businesses have no option but to have finished implementing at least the core GDPR provisions in time by 25 May 2018. Failure to do so would result in the drastically increased penalties already referred to. Directors and managers fear that they may become personally liable if they have not taken steps to ensure that the GDPR is implemented in time in their firm.
In addition, however, fear of reputational damage is a driver for giving a high priority to GDPR projects in businesses. This is especially the case for businesses in the B2C sector, which face the threat of significant image impairment if breaches of the GDPR provisions in dealing with customer data become public.
Effective support for GDPR issues from BDO
Many GDPR requirements can only be implemented with appropriate IT support. A prerequisite for this, however, is that businesses are in a position to localise processed personal data in all their IT systems. This is easier said than done precisely in the case of IT landscapes with many stand-alone solutions. Furthermore, business must ensure that they have the appropriate tools to hand to be able to guarantee so-called data subjects’ rights. The rights of personal data carriers to e.g. disclosure, erasure or recall are scarcely manageable without IT solutions.
We are at your service for help with all issues concerning the GDPR. As well as legal advice with respect to the new GDPR requirements, we can provide many compliance specialists who regularly provide support to businesses in the implementation of new legal and regulatory requirements. Our multidisciplinary team is complemented by the experts from BDO IT GmbH, who can map out all the relevant IT services for the introduction of the GDPR.
We should be pleased to discuss these issues with you – you can get an impression of our advisory offering on this subject here.