The Survey Says: 59 Percent Think That the GDPR is Confusing
A recent IDC survey indicated that the General Data Protection Regulation (GDPR) is confusing. Why is this? Just under 90 pages long, the regulations aren’t that large; the document is certainly no “War and Peace.” With this in mind, I’ve put together my view on why this seems to be the case, and a few actions you can take to deal with it.
It puts you outside your comfort zone
The likelihood is that the GDPR affects every part of your organization; it cuts across many different disciplines and departments. The core of the GDPR is added to significantly by the recitals that provide definitions and it is likely to stretch even a dedicated Compliance Officer. Unless the program lead for the GDPR is a Compliance Officer, that person is unlikely to have enough knowledge to understand its process impact for every other department, or the full extent of the business and technical challenges it poses.
‘I’m not a lawyer’
If you don’t have in-house legal counsel playing a lead role in your GDPR program, gaining access to legal help with the GDPR isn’t an option you can avoid, especially if your organization has more than 250 employees or processes the data of children. Even if you get help, translating that into the effect on your business can still be tricky. For example, more and more businesses use automated decision making and customer profiling. The rules for this have been tightened significantly. Un-picking the actual logic or AI that you use and applying the regulations to it may not be easy. Or it may add constraints that mean more human intervention.
Read the entire article here, The Survey Says: 59 Percent Think That the GDPR is Confusing
via the fine folks at Commvault