To comply or not to comply is not a question anymore.


The EU’s general data protection regulation is now a law and has been protecting the personal data of European residents for the past year now. It has expanded the rights of an individual giving them substantial control over their personal data and how it is handled.

The number of notifications received has expanded significantly (206,326 reports), especially from individuals regarding their rights (46%). Of 206,326 complaints, more than half of which are already dealt with, with the majority of the rest still ongoing. The regulatory authorities are also beefing their employee counts to meet the demands.

The need to comply with GDPR regulation, among other regulations, is now essential to organizations worldwide. Data protection has become an increasingly important business issue and affects organizations of all sizes, cutting across all industries. Knowing where the sensitive data is and protecting it is now imperative to protect individual privacy rights. Yet, there is still a lack of understanding of how technology can help in the fight to protect sensitive data and how great a role it has to play. This explains why 74% of organizations have failed to address the one-month notification response limit required.

Large organizations such as British Airways have been slammed with fines as high as $230 million. The Information Commissioner’s Office has become an increasingly prominent regulator in the digital space. It fined Facebook $626,000 last year over the Cambridge Analytica scandal. Examples like these indicate that there is a significant gap in the degree of automation and infrastructure that is required to be compliant with regulations.

One year on, despite a good beginning by the organizations and regulators, full effects of GDPR are yet to be seen. Data protection authorities have been adjusting to their expanded roles and organizations are yet to understand the crucial role of technology. The next article in this series will explore the progress of organizations in GDPR compliance until now.

What do you think about this? Please share your thoughts.

To know more, download the Bloor research paper here

MENTIS helps organisations in their GDPR compliance initiatives through market leading discovery, anonymization, monitoring, and retirement solutions, all in a single integrated platform. Read on to read more here