Time to prepare for GDPR

Publish date:

I’m a firm believer that GDPR shouldn’t be viewed as the only data protection end game, but more as a complement to existing policies that companies have in place to safeguard personal data.

With the new EU General Data Protection Regulation (GDPR) coming into force in May 2018, time was ticking to get our data protection and privacy policies up to scratch.

May blog from our series “A day in the life of a CISO”

That said, GDPR will bring more governance requirements, more rights for individuals and a need for more consistent practices. Stringent penalties will be applied if we fall short of the new standards. As a company, we knew we needed specialists help to prepare.

So, I set up a meeting with the Capgemini Cybersecurity and Data Protection team asap.

They talked through the need for a holistic view of data privacy and protection, and how personal data must be managed, protected and controlled. While the main emphasis would fall on the first phase of this ― getting data properly organized ― all three elements would have to work together to provide ongoing consistency.

I was already aware of Capgemini’s cybersecurity portfolio. I’d long been an advocate of their consulting and managed services ― which actually are a great fit for GDPR’s emphasis on detecting and notifying breaches and leaks proactively.

After the meeting, the Capgemini team laid out a gap analysis to establish a roadmap for reviewing our security and privacy processes, improving data protection all along the lifecycle and moving forward our GDPR compliance. This roadmap included all the necessary mechanisms, technology solutions and controls that would enable us to respond to data and privacy threats appropriately. Implementation is now under way ― and we’re well on schedule for when the GDPR kicks in.

Find out all about Capgemini’s data protection services here.

Related Posts

a day in the life of a ciso

Contracts, contracts, contracts

Date icon September 28, 2017

How did my organization improve the contract compliance processes in a secure manner?

a day in the life of a ciso

Governance, Risk, and Compliance making sweet music

Date icon September 28, 2017

How do I make sure that my company is well protected against compliance breaches?

a day in the life of a ciso

Asking the right questions about cybersecurity

Date icon February 25, 2017

How do I ensure that my business is resilient enough? Is my organization compliant with...