Share this post:
With the European Union’s General Data Protection Regulation (GDPR) coming into effect in less than 100 days, chances are you know your business needs to rapidly transform how it manages the personal information and data of EU subjects.
According to research conducted by Vanson Bourne and IBM, 47 percent of organizational leaders surveyed in the UK, France and Germany indicated there is a lot more to be done to comply with GDPR before May 2018. But what is the best approach to take with such a short deadline for compliance?
A potential fine of up to 20 million Euros or 4 percent of global revenue (whichever is greater) for a GDPR breach is galvanizing action, but many are still coming to grips with the journey towards GDPR readiness. Having a roadmap and a strong commitment to data responsibility can assist with a safe arrival.
Let’s start with the current challenge: knowing what is required of your company to avoid the potential financial and reputational damage of a breach.
Across the 28 EU states, you now must know what personal data you have, where it is stored and how it is processed, as well as how it’s secured and protected. Customer data must also be accessible if your customers want to take back or have you delete their data. You can start addressing concerns around data security and personal data protection by leveraging cloud, where enterprises can manage, connect and optimize their data in security-rich environments.
This raises the next challenge: once you know what’s required of your business, how will you execute?
I’ve worked with a wide range of clients in various stages of GDPR readiness leveraging IBM expertise across cloud, analytics, security and services. While some are still planning and strategizing how to meet GDPR requirements, others have undergone the transformation and are set to capitalize on the enhanced business value.
Regardless of where you are in your GDPR planning, you can implement a strategic approach to GDPR readiness incorporating the cloud as a component to success. What’s more, this approach to GDPR offers data protection and peace of mind.
If you’re just starting the journey, evaluating a hybrid cloud model is a good place to begin. With a hybrid environment, you can create a private cloud for your sensitive data, a public cloud for scaling, and hybrid capabilities to connect and unify all clouds, all services, and all of your data.
We’ve delivered on that promise with new hybrid and public cloud capabilities that help make the path to cloud more secure. Whether you’re ready to fully move to the public cloud, or are benefiting from cloud-native capabilities behind the firewall with IBM Cloud Private, IBM continues to put data responsibility and security first. In fact, IBM was one of the founding members of the EU Cloud Code of Conduct, which celebrates its first anniversary today, and has more than 24 services signed up to the code.
Once you’ve mastered transparency and control, the final challenge is how you clearly articulate ownership of data.
Those in highly regulated industries such as government and financial services need control over where data is located to address performance, security, and privacy requirements. To address these concerns, IBM has developed IBM Cloud Secure Virtualization, a solution created on single-tenant bare metal servers on IBM Cloud.
Additionally, IBM recently introduced a new support model and capabilities for infrastructure and platform services in its cloud data center in Frankfurt, Germany, to restrict data access and to give clients control over and transparency with where their data lives, who has access to it and what they can do with this access. EU support is available 24 hours a day, 7 days a week from engineers located in Europe for clients using cloud infrastructure services in all of IBM’s data centers in the EU.
Onward to GDPR: The catalyst for responsible data stewardship
Within 100 days, companies must have the people, policies, and solutions in place to comply with GDPR. To reduce risk, organizations should choose the solutions that enable them to address multiple requirements easily and efficiently. Instead of stressing over the fear of non-compliance, look to the cloud as a key component in your path forward for GDPR-readiness, security and an opportunity to embrace responsible data practices leading into the future.
Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey.
Learn more about how privacy affects us all.