You may well be nearing the end of meeting GDPR from a compliance perspective, but this is merely the end of the beginning… are you sure you’ve covered all bases to avoid some of the hefty fines on offer?
Whilst processes are essential, you’re only as strong as your weakest link, which in practice is often a single employee.
So with this in mind, have you got a long-term GDPR communications plan in place?
A communications campaign and training will help employees become aware of the changes and understand the basic principles. Perhaps this is an opportunity to challenge the process and take a fresh look at the level of awareness, understanding and engagement across your business.
This is an entire business issue, but that aside, your fellow colleagues are also consumers, so an education programme that allows everyone to understand their owns rights will help them appreciate the rights of others when it comes to day-to-day business. A win-win situation, allowing the business to act responsibly to various stakeholder groups at the same time.
For those who are happy to just tick the compliance box and not go further… let’s see how the regulators approach enforcement and whether they set examples of companies breaching the legislation by utilising fines of up to 4% or €20m of annual worldwide turnover (whichever is greater)!
25 May is merely the end of the beginning… do your bit towards creating a culture shift, whereby data privacy and management is placed at the heart of everyday business operations.