GDPR – Choosing between a Bitter Pill or a Business Opportunity!
Whether we like it or not; GDPR is here to stay! As of May 25:th 2018 it will be enforced, and it will change IT as we know it
When we talk with businesses and organizations, we have discovered that there are three stages of awareness about GDPR:
- GDPR: Could it really be that important?
- GDPR: Ok, let’s look at this new thingy (so we at least know how it will affect us).
- GDPR: WOW this is huge! How will we find time for all the work needed!!!
When your organization is in stage 3 – Wow This is Huge! You see GDPR only as a very a bitter pill you must swallow
However, let us change the perspective and look at another option, because there is a fourth stage:
- GDPR: WOW, this is a chance to develop the company into more efficient processes and cost-effective IT operations!
The easiest way to get to the fourth stage, is to look at some of the most important steps of what an organization needs to do to be GDPR compliant and analyze what this would mean for the business.
We can help you with all of the below:
- Inventory of the processes within the company where data in scope for GDPR are managed
- The elephant in the room: Are these processes needed?
- Processes that are not necessary for the business drain energy and cost unnecessary money
- Find out what personal data is being processed
- The most important question: Are all these personal data really required by our operations?
- Collecting, storing and processing of personal data that are not necessary puts strain on system performance, storage cost, backup requirements etc. Result is Applications & System performance being hit, by data you do not need!
- Inventory registers in which personal data are processed
- Main question here: Does this registry support a process we must have?
- IT systems that are not necessary cost money through purchase, operation and maintenance thus causing unnecessary risk for data theft!
- Implement the security needed on the systems where personal data is processed
- Continuous updates and system security revisions increase both operational reliability and reduce the risk of important, potentially secret information leaking.
Reflect upon the above points and ponder how this can have impact on your business. It becomes obvious that the GDPR projects which must be implemented create a very big opportunity to make the organization work more efficiently and create a more cost-effective IT operations!
The GDPR regulation will require all organizations to review their operations, to do a GDPR assessment, at GetIT Nordic we choose to see GDPR as a possibility for improvement!
If you want our assistance with your GDPR related questions, do not hesitate to contact us