We are three weeks away from implementation of GDPR (General Data Protection Regulation) and studies have shown that only one third of the impacted organizations are actually prepared. The regulation was adopted 25 months ago and unlike the Y2K dilemma in which businesses were well aware of the date and made sure all changes were in place, many businesses are still floundering to become compliant.
Large private sector companies as well as public entities like universities and colleges have a tremendous amount of data stored within their system. Much of it collects proverbial dust and some is used regularly. These organizations have to determine what is delete-able data (may re-collect again in the future) and what is necessity? From there purging must take place along with fine-tuning the security measures for the data they possess.
New careers are taking place and current data security positions are being renamed. New positions on the rise: Data Protection Specialist, Data Protection Officer, Data Governance, GDPR Project Manager and GDPR Analyst. Not being fully compliant by May 25 is one thing, violating compliance after May 25 is yet another fine. The incentives are there however; two thirds of the UK is prepared, whereas less than half of the European Union and only a quarter of the United States are compliant to date. If companies are not compliant, they will face steep fines in some cases upwards of $25 million.
To better explain the changes to EU data protection regulation gdpr, here is a comparison done by ClickZ with data used by MarketPlace.org and PoliticsandPolicy.org GDPR: How US businesses are preparing