Saturday, December 7, 2019
Corporate Compliance Insights

3 Hidden Values of Preparing Early for GDPR

by Joe Garber
July 25, 2017
in Data Privacy, Featured

Information Insight, Executive Alignment and Lower Costs

GDPR is rapidly approaching, and companies should begin to prepare for May 2018, when the regulations go into effect. Companies can actually benefit from early preparation to comply with GDPR—the benefits of which range from a competitive advantage through greater insight into data to greater alignment between business units and lower total costs. HPE’s Joe Garber explores three key benefits of preparing now for GDPR.

Early preparation for compliance with the European Union General Data Protection Regulation (GDPR) can deliver a wide range of benefits to organizations. These can range from securing a competitive advantage through greater insight into data to greater alignment between sometimes-competing business units to lower total costs.

At the core of GDPR – which becomes effective in May of 2018 – is the question of how organizations collect, manage and protect EU citizens’ and residents’ personal data.  Organizations are paying closer attention to GDPR than previous regulations of its kind because of the significant risks of noncompliance.  The most serious infractions, including not respecting the individual rights of data subjects, incur substantial fines (of the greater of 4 percent of global revenue or €20 million).  On top of this, there are also risks of legal action and lost customer confidence.

To gauge where your organization stands regarding its GDPR readiness, it is important that you understand what data exists within your enterprise, where it resides, if it is personal data, its relative value to the organization and the technology that supports its maintenance. More specifically, here are five questions that should be addressed when assessing your enterprise’s GDPR readiness:

  1. Where is the personal data stored that will fall under these regulations?
  2. How can I protect, store and securely back up data?
  3. How can I identify information for disposition, in accordance with the “right to be forgotten”?
  4. Can I report a breach within the timeline required by the EU data protection regulations?
  5. How can I reduce my overall risk profile?

While these questions are simply a starting point to begin the GDPR-readiness conversation, they are important in terms of understanding how your organization will be stronger as it prepares for compliance. Both information governance and security software will likely be needed to provide the framework for compliance. Information governance technology can help organizations discover where their information is stored (with the input of your privacy counsel) so they can determine what information should be managed to GDPR standards. This technology can also enable the user to establish and enforce policies, move data to a consolidated repository (if necessary) and manage this subset of information throughout its life cycle. As a byproduct, organizations will learn more about their data that can be used to help address an individual’s “right to be forgotten” request and those related to other individual rights guaranteed to data subjects under GDPR. Data security, working in conjunction with governance practices, can help secure content regardless of its location within the enterprise.

With the “how” now outlined, let’s take a closer look at the “why.”  In many conversations I’ve had with organizations preparing to comply with GDPR, there are a couple of key themes that come up regularly.  These organizations’ senior executives are looking to prepare for GDPR as soon as possible because they believe compliance will deliver a number of benefits that extend well beyond managing risk. They often discuss GDPR as a catalyst for doing what they should have been doing already to drive and manage the business with greater control. Here are the three most commonly highlighted incremental benefits:

3 Hidden Values of GDPR Readiness

Information insight is gained as stock is taken of the data that is held across the enterprise. Most organizations collect and maintain information with little understanding of that data and how it is relevant to business objectives. GDPR demands that organizations understand their data and the value it holds and adhere to specific guidelines for handling that data and respecting data subjects’ fundamental rights and freedoms. The insight gained may allow organizations to use information more effectively – as acceptable under GDPR – to ultimately learn more about their customers, identify underfunded parts of the business and perhaps even attain a competitive advantage.

Executive alignment is occurring as the fear of noncompliance and its associated risks is making individual business units work together. A regulation of the magnitude of GDPR is no longer a CIO or CTO directive. Instead, it is a cross-executive concern for privacy, security, compliance, marketing, legal and C-suite executives. By spending more time working together to understand how best to comply, executives are finding more synergies in what they do and identifying how they can better share appropriate information to streamline the business.

Lowering cost is the outlier of these three themes, as it’s the only one not focused on driving the top line for the organization. That said, it can be a significant benefit, and it may be the deciding factor on getting a GDPR project funded. Cost savings from GDPR projects can come in many forms. The most common is often savings derived from retiring applications and defensibly deleting information that no longer has value. By performing the discovery process, categorizing information by relative value and potentially moving information from a variety of data silos, organizations are significantly lowering total storage costs and retiring sometimes thousands of applications on which they are paying maintenance costs.  (Read this if you’d like to understand the specifics and how they can translate to a positive ROI in a relatively short period of time).  This exercise also can be a first step to a cloud migration strategy and can help protect you from security risks – as older applications are often the first cyber-attack target.

Organizations need to take a holistic approach when evaluating corporate data and aligning information governance policies with broader data security efforts.  Those who act quickly will be in a position to not only achieve compliance, but also improve their insight into existing data to enhance products, processes and service offerings.

Don’t get left behind.  Start preparing for GDPR now, and take advantage of all the hidden benefits as well.  To help you get started, HPE has recently developed a GDPR starter kit that bundles the technologies that perform many of the activities described above.  Click here to learn more.


Joe Garber

Joe Garber is Vice President of Marketing for HPE’s Information Management & Governance business unit – a division of HPE Software.  In this role, he leads thought leadership, product messaging and go-to-market efforts for the organization’s data protection, file analysis, information archiving, records management, and eDiscovery offerings.

Garber has more than 10 years of experience in Information Management & Governance.  He most recently served as Vice President of Marketing for RenewData where he managed all product and corporate marketing efforts for this archiving and eDiscovery software and service provider.  He also previously served as Director of Market Strategy for ZANTAZ (acquired by Autonomy and subsequently HP) where he led analyst relations, field marketing, market analysis, and thought leadership programs for the company’s information governance portfolio.

During his 25-year career, Garber has also served as a management consultant for IBM, led marketing and product management for a variety of successful technology startups, and served as a press secretary for a U.S. Senator.  He holds a Bachelor of Arts degree from Pepperdine University and a Master’s of Business Administration (MBA) from Cornell University – a top-ten business school – where he was awarded the prestigious “Park Leadership Fellow” scholarship for demonstrated leadership and academic excellence.
