Can organisations get any long-term value out of the process of becoming GDPR-compliant? The short answer: yes. Here’s a framework for how to do it.
Riaz Din | March 7, 2018
Organisations typically see regulatory change as troublesome—something that consumes a huge amount of time and effort, standing as a barrier to their goals and offering little value to the business. And given finite resources (budget and skilled people), they often have no choice but to prioritise regulatory change over discretionary.
That’s how many see the General Data Protection Regulation (GDPR), approaching quickly with a May 25, 2018 deadline. But there’s an upside to the mandatory compliance: long-term value for your business.
U.K. Information Commission Officer Elizabeth Denham says, “If your organisation can’t demonstrate that good data protection is a cornerstone of your business policy and practices, you’re leaving your organisation open to enforcement action that can damage both public reputation and bank balance. But there’s a carrot here as well as a stick: get data protection right, and you can see a real business benefit.”
GDPR brings an opportunity to focus the mind. It nudges you to engage people across different teams, come together to ensure readiness, and manage exposure to any breaches and external threats.
GDPR isn’t just about ensuring that you’re compliant on May 25, 2018. It’s about ensuring that you’re compliant every day thereafter. This requires a holistic approach and a collaborative effort from a multi-disciplinary team.
Working with partners and clients to support their GDPR efforts, we at Slalom have created a comprehensive and sustainable framework to help you navigate the challenges of GDPR compliance. Our framework consists of six dimensions that we believe are key to assuring the long-term success of any GDPR programme.