Our blog

Five areas to focus on when it comes to GDPR compliance

k

06 July 2017

Jose Francisco Pereiro Seco

Blogs by author: Jose Francisco Pereiro Seco, Head of Data Security Europe, BT.

LinkedIn

When it comes to GDPR, you need to change the way you think about data protection and privacy. Here are five key actions you need to take to achieve this.

Distant concepts, concrete decisions

The idea of improving data protection and privacy can often seem distant and abstract. But there are plenty of concrete actions you can take to move towards your final goal of compliance.

It’s already imperative for organisations to take strident steps to secure their customers’ information. But when GDPR comes into force, not only will companies face negative consequences to their reputation if there’s a breach, but they could also face significant fines.

Choosing the right framework

Our Privacy Shield Framework outlines the key areas that organisations should focus on to make sure that they’re prepared for the GDPR roll-out in May 2018. Some of these include:

  1. Awareness and understanding


It’s vital to make sure organisational stakeholders understand the essentials, impact and roadmap of the regulation. Hosting a GDPR workshop is good way to help achieve this.

  1. Assess and discover


Discover and map out your organisation’s entire data flows, including shadow IT. Use various tools and processes to assess and evaluate the security risks you face.

  1. Plan and design


Design and plan a data security architecture to protect your personal data and any business-sensitive information with a pragmatic and realistic approach.

  1. Integrate and deploy


Make sure that security controls are seamlessly integrated throughout your organisation and that these are being used consistently and correctly.

  1. Manage and adapt


GDPR will be alive and evolving for many years. You must ensure that there are operational and governance processes in place to successfully manage your security controls.

Taking focussed action to prevent breaches

It’s only with a thorough approach to security that organisations will be able to achieve GDPR compliance and keep clients personal data safe.

That’s why it’s so vital to understand the rationale behind data protection, in order to take focussed action and prevent data breaches in your organisation.

Download our white paper to discover how to comply with the GDPR — and find out why greater data security creates opportunities for your organisation.