A U.S. Senator proposes GDPR-like regulations and adds 10 to 20 years in jail for false annual reporting on privacy issues. The EU is using “cease processing orders” as a more powerful tool to convince firms to become GDPR compliant. It’s reported that GDPR fines will be uninsurable. What company could afford to be locked out of a market with 740 million potential customers? Facebook could face $1.6 billion in EU fines. And perhaps the most troubling trend in data privacy is the rise of well-funded activists dedicated to forcing firms to be responsible for protecting citizens’ personal data, as evidenced by Privacy International filing complaints against 7 firms. It is a never-ending litany of difficulties for firms that are not GDPR compliant.
With a suggested 80% of companies not ready for GDPR or other data protection regulations, it is a troublesome time to be a company that is just beginning to address protection of its customers’ personal data. The only mitigating factor is that the regulatory agencies may lack the technology to determine whether a company is non-compliant, at least to the degree that would be required to prove their allegations in court. But how long before regulatory agencies discover a product that can process large amounts of data and document the exposed personal data found in your data environment? There are existing tools and technologies, like BigDataRevealed, that can dramatically change the data regulatory picture. And for a period of time, BigDataRevealed is offering free use to the EU GDPR and others.
A company could decide to build a solution itself; however, with millions of firms needing to become compliant, and with so few knowledgeable and capable individuals available on the market, I believe the only sensible approach is to begin with technology developed specifically for the coming era of data compliance. Why not start with a product that can demonstrate its ability to complete much of the discovery and remediation while also providing APIs that allow existing systems (such as point-of-sale, analytics, AI) to utilize encrypted data? The project might largely be completed in six months to a year instead of two, three or more years. And with the reported probability that a company will experience 2 major hacks a year, the risk of major disruptions due to data regulatory issues becomes unacceptable.
Data compliance is first and foremost about protecting customers’/citizens’ personal data. Just as customers have experienced the risks associated with data breaches, such as identity theft or financial loss, it is now companies that will experience real risk when regulators investigate a company’s ability to protect its customers’ personal data. Regulations are becoming more prevalent and increasing in severity, so there is only potential harm in delaying your company’s efforts to become compliant. A BigDataRevealed annual subscription can be as reasonable as fifty thousand a year for the SME/SMB market and as reasonable as two hundred thousand a year for larger companies.