Culture, Process and Technology for GDPR

More Than Just Technology

We have been talking about the GDPR for quite some time now –  since the enforcement deadline of May 25th came into the distant horizon and we have been helping people prepare for the Unstructured Data (email and file) element of the regulation. One common misperception we have encountered, time and again, is the notion that getting one  vendor’s software will tick the entire GDPR box and you can then relax until audit day.

Culture, Process, Technology

Culture, Process and Technology


Adopting a culture of good compliance practice involves the entire organisation and needs, at its core, a genuine management buy in to succeed. The right people, good ongoing training and measurement are all just as important as getting good technology for GDPR. Our recent survey on GDPR readiness showed a large portion of respondents are either totally unprepared for GDPR or early in the project to address it. Getting a structured plan in place will be a positive experience for all involved and will foster better relationships between you and your customers.

Culture

  • Resourcing – senior / experienced human resources with the capability to see organisation-wide are important to get the adequate oversight of the GDPR scope and preparation.
  • Training – maintaining a culture of compliance will need ongoing training and development and ideally a way of measuring how effective the training has been for staff.
  • Communication – getting the right balance between “carrot and stick” when instilling good compliance is key – a proper awareness of the organisation’s/team’s/individual’s responsibilities is ideal.

Process

  • Policy setting – should be appropriate for the organisation and make sense to the individuals and teams using these policies to achieve and maintain GDPR compliance.
  • Oversight – ensuring that the project to achieve GDPR compliance is well managed and properly maintained is essential, ideally human and technological best practice.
  • Review by management, responsible people (DPO if on site), internal auditors or external contracted companies.

Technology

  • There is no “silver bullet” technology to address all the elements of GDPR so working smart to select the best elements for all your requirements is best practice.
  • Managed Service – software is helpful but it will not cover all the essential elements in terms of culture and process and needs to be properly integrated to get best results.
  • Getting insight, taking action and then setting policies and reporting on your largest Data sets is key to getting your head around the GDPR Data requirements

About Waterford Technologies

Waterford Technologies are Data Management experts, dealing with Unstructured Data for over 17 years. We provide the toolset and expertise to ensure your email and file Data is ready for all compliance audits, not only GDPR.