With the GDPR deadline looming on May 25, 2018, every organization in the world that transmits data related to EU citizens is focused on achieving compliance. And for good reason. The ruling carries the most serious financial consequences of any privacy law to date – the greater of 20 million EUR or 4 percent of global revenue, potentially catastrophic penalties for many companies.
Compounding matters, the scope and complexity of GDPR extends beyond cyber security, requiring equal involvement from legal and IT teams. For many security executives, this is causing significant consternation about the organizational borders of GDPR. Specifically, “Who owns It?” and “Who does what?”
Effective GDPR compliance requires well-defined roles and division of responsibilities, as well as strong interdepartmental partnerships. Above all, it’s a team effort, and clear communication is the key.
Read about the three core business areas where integrated efforts are necessary to achieve GDPR compliance, and the distinct challenges of each on Help Net Security.