As organizations worldwide are scrambling to comply with the requirements of the European Union’s General Data Protection Regulation (GDPR), the sheer amount of time and money being in spent in preparation for the looming changes is alarming. In short, GDPR requires all organizations with information about European residents to comply with strict rules about how that personal data is stored, secured, used, moved and erased from their systems.
According to PricewaterhouseCoopers, 92% of multinationals view GDPR compliance as a top priority. Of those companies, more than 75% have allocated over a million dollars for compliance efforts, and nearly 10 percent plan to spend more than 10 million dollars each.In order to comply with GDPR, every organization needs to understand: The location of private information. Which systems and apps use the data. How and when personal data is used. Who looks at and uses the data. What permissions you have to use the data. When and how data permissions were obtained. When and where personal data moves.
Author: Navneet Mathur