IBM currently complies with privacy laws around the world. IBM is also preparing to comply with the European Union's new General Data Protection Regulation (GDPR) which will go into effect in May 2018. IBM has established a
global project to prepare for GDPR, both for our internal processes and for our commercial offerings. IBM recognises that our customers will rely on IBM's offerings and technical assistance to achieve GDPR compliance within
their own organisations and IBM is well-positioned to meet this critical need.
As part of its GDPR project, IBM is enhancing its ongoing commitment to privacy by design. IBM is working to embed data protection principles even more deeply into its business processes, with the objective that technical and
organisational security measures limit, by default, the amount and use of personal data to what is specifically required. This work will also strengthen controls already in place to limit access to personal data, including
with respect to mobile applications that rely on sensible default settings to prevent personal data from being inadvertently shared with others.
Read the eBook IBM’s Journey to GDPR Readiness (4.3MB)