We operate within the heart of the energy and data sectors. This affords us with unique insights into the challenges and opportunities business, regulators and government face. Within this section you can view our latest views, press releases, thought leadership papers and more.
Home » Insights » Data privacy: from a ‘one size fits all’, policy based approach to a risk and process based model
Data privacy: from a ‘one size fits all’, policy based approach to a risk and process based model
Despite the decision being taken to implement the regulation in 2012, it has taken 4000 amendments; a feisty parliamentary debate and strong pressure from lobbies and internet companies, for the new regulation to come into force on 25th May 2018, almost six years later. The GDPR marks a drastic change in the way we will have to handle privacy, no longer is it simply a compliance exercise, data privacy will instead become a matter of (good) corporate governance.
For organisations that have already taken the decision to integrate GDPR into corporate governance, the roadmap to compliance may not be as complicated – but the key point is that the GDPR will introduce a new approach to privacy and data governance, making it process and risk based rather than purely policy focused.
It’s a cultural shift – and a very positive one. Whilst data is seen as the most important asset businesses have, citizens do not seem to trust organisations handling their information and it’s hard to blame them after the recent news about data breaches in the NHS or Halifax.
Taking individuals rights seriously will almost certainly provide businesses with a competitive advantage. Empowering your client base by asking them to decide how they want to receive information, making privacy part of the customer journey and being very clear with customers about what happens with their data will help businesses thrive and leverage their main assets, data and customers
These days, there is a lot of buzz around GDPR with new products popping up every day – be it a new tool around consent or a new system to analyse the data you hold. These solutions are leading the way and it is good to see so many organisations coming to terms with the importance of good data governance.
However, there are also a lot of myths and fear mongering announcements, from huge fines about to hit companies to claims that all data must now be encrypted.
GDPR is first and foremost a transformation programme and good programme management is therefore a key part of it. Second, GDPR is about a cultural shift within organisations and needs the whole business to pull together in order for it to be successful. Finally, the GDPR is about risk assessment and creative solutions focused on the nature of each individual business – and this is where legal and technology pull together, as technology is there to leverage privacy and make it work.
Ultimately, this is a great chance for organisations to become more competitive, improve customer care and improve global reach, as GDPR may become the international standard for the protection of personal data not only the EU, but globally. Good strategic advice is crucial to success and provides the ability to make the most of the opportunities ahead.
If you would like to find out more about GDPR you can visit our dedicated pager or you can download a number of our thought leadership pieces:
Our work means different things to different clients and we wanted to share some details of the projects we have managed to give you an insight into our capabilities and the impact we have delivered as a business.
Did you like what you read? Did you want to find out more about the subject? Or did you simply want to get in touch with us? Either way if you would like to get in touch with us you can do so using the form on the right.
Get In Touch
Want to find out more?
Follow the links below find out more about the services we provide, our insight into the industries we serve or the opportunities available with us.