The GDPR Deadline Is Here — What’s Next?

GDPR Why May 25 Is Just the Beginning

For organizations that do business in the European Union, May 25 will be a watershed day — the day the EU begins enforcing the General Data Protection Regulation (GDPR). Whether you’ve been preparing for months or you’re just learning about this game-changing data privacy law, the question will soon be not “How do we prepare?” but “What should we do now?”

On May 24 — less than 24 hours before the GDPR goes into effect — Primitive Logic will host the webinar “GDPR: Why May 25 Is Just the Beginning,” where we will explore the process for aligning with the regulation as well as the “triggers” that will require a re-examination of your compliance status in the future.

Are You Ready?

If you’ve fallen behind in your GDPR readiness efforts — or even if you just found out about it — it’s not too late to start preparing your organization. A good place to start is with an assessment of six key areas:

  • Data processing activities
  • Policies
  • Contracts
  • Security
  • Communication and education
  • Change management and data governance

Thinking Beyond May 25

Even if your organization is well prepared for the GDPR deadline, it’s important to remember that May 25 is not the finish line. Monitoring compliance — both in your organization and in your vendors and partners — will be an ongoing process. You will also have to process any requests from data subjects (like requests for erasure), and you will have to keep your documentation up to date.

It’s also important to be aware of specific “triggers” that could affect your compliance status. These include external triggers, such as EU court decisions that clarify the GDPR, and triggers within your organization, such as new sources of personal data, policy changes, or a merger.

To be prepared for these triggers, you need sound policies and procedures around data governance, and employees must understand their roles in identifying issues that could affect your compliance status. Training and communication initiatives aimed at creating a “GDPR mindset” will equip your team with the knowledge they need to determine which issues require re-visiting your alignment with GDPR requirements and which ones do not.

To learn more about preparing for GDPR and for maintaining your compliance status beyond the deadline, join us on May 24 for our webinar “GDPR: Why May 25 Is Just the Beginning.” Register today to reserve your spot, and we look forward to seeing you there.

Kevin Moos, May 2018