Collibra Spotlights Top Six GDPR Compliance Pitfalls and How to Avoid Them
As Global Organizations Prepare for May 2018 GDPR Deadline, Collibra Shares Recommendations for Avoiding Common Compliance Pitfalls
New York, October 17, 2017 – Global organizations are working quickly to ensure they will be in full compliance with the General Data Protection Regulation (GDPR), which goes into full effect on May 25, 2018. There is no deadline extension and penalties for non-compliance are significant: up to 4% of annual global revenue. Collibra, the leading data governance software platform for business users, today shared recommendations for avoiding six common GDPR pitfalls that can impede compliance.
The GDPR focuses on protecting the personal data of European Union citizens. But it’s not just EU companies that need to concern themselves with GDPR compliance. Any organization across the globe that collects data about EU residents must demonstrate compliance.
“Ensuring GDPR compliance is no trivial matter, nor an initiative that can be cobbled together in just a few weeks,” said Felix Van de Maele, co-founder and CEO for Collibra. “It’s essential that organizations act now to prepare to be fully GDPR compliant, otherwise they risk not only major financial penalties but reputational damage. Collibra is playing a critical and expert role in helping our customers leverage data governance as a framework to help ensure consumer data remains safe.”
Here are six common GDPR compliance pitfalls, along with ways to ensure they don’t hamper your company’s compliance efforts:
1. You Haven’t Engaged Legal Counsel
With a compliance deadline less than a year away, having experienced legal counsel on board is critical to ensure your organization is fully compliant with the complex GDPR legislation. While it’s tempting to think your organization can go it alone, legal counsel isn’t a luxury but a necessity.
2. You’re Not Looking at GDPR Holistically
GDPR isn’t just about identifying and securing data, so it requires the full participation of stakeholders across the organization. These stakeholders include business managers, data teams, IT, human resources, and the C-suite.
3. You Haven’t Made an Inventory of Your Business Processes
Understanding how data moves across and beyond your organization is a critical component of GDPR. You’ll need the participation of business units to document the kind of data you collect or process, understand where that data lives and how it’s used, and identify who is responsible for that data and who has access.
4. You Are Not Accounting for Shadow Systems
More than 80% of IT professionals say their end users have implemented unauthorized cloud services or other software in their organizations. This is a growing problem in today’s age of the consumerization of IT, BYOD programs, and the rise of cloud technologies. Take the time now to account for shadow systems and meet with users from across the business to understand what tools they use and why.
5. You Rush to Encrypt Your Data
Encryption can be a valuable tool, but it’s not, in and of itself, a complete solution. Whatever its attractions, it is fundamentally a technical solution that does not address the human factor: how to control access in a way that protects personal data while providing legitimate data users with the information they need to do their jobs.
6. Your Organization Lacks Skills Specific to GDPR
The right expertise will help your organization interpret regulations, assess your readiness, implement a data protection program, and monitor your compliance journey. While hiring specialized talent can help, cultivate the people you already have, since they’re the ones who know your business – and your data – best.
As the leader in data governance, Collibra helps organizations across the world find, understand, and trust their data, and gain competitive advantage by maximizing the value of their data across the enterprise. Collibra is the only solution purpose-built to address the gamut of data stewardship, governance, and management needs of the most complex, data-intensive industries. Our flexible and configurable cloud-based or on-premises solution puts people and processes first – automating data governance and management to quickly and securely deliver trusted data to the business users who need it. Learn more at www.collibra.com.