January 16th, 2018
Adam Stone, Principal Consultant
Are you falling into the rut known as the great GDPR compliance panic of 2018? Stop worrying. Many data security and privacy leaders have successfully addressed the challenges of new regulatory compliance obligations before.
Several years ago, I entered the data security and privacy world just as new business challenges emerged from two separate congressional reform bills intended to solve certain problems in the US healthcare and financial services sectors. The Health Insurance Portability and Accountability Act of 1996 (HIPAA), followed by the Gramm-Leach-Bliley Act of 1999 (GLBA), triggered federal regulation focused on – among many other areas – data privacy and security. At the time, organizations of all sizes struggled to prepare for the new federal requirements.
The first hurdle for some organizations was to simply acknowledge the fact that HIPAA and GLBA applied to their operations. For those who moved past the acknowledgement phase, preparatory scope crept, and unplanned business disruptions followed. In an environment where executives were unclear about the applicability and impact of HIPAA and GLBA regulations, data security and privacy professionals found little support to implement new control structures. The result: compliance programs poorly aligned with corporate mission, values and objectives.
Though data security and privacy professionals emerged wiser from the HIPAA/GLBA compliance experience of the early aughts, evidence suggests that many firms now struggle with the emerging challenges of the EU General Data Protection Regulation (GDPR). As principal consultant with Secure Digital Solutions (SDS), I hear from lots of panicked leaders who need help understanding the impact of GDPR ahead of its May 2018 effective date. We find that firms can avoid some of the setbacks of the past by adopting an effective, scalable process for GDPR compliance preparations today. Whether preparing for GDPR with in-house resources or hiring an experienced consultant, firms should adopt a GDPR Readiness process like the one in the image below.
Stop Panicking and Start Your GDPR Readiness Journey Today
The time to act is now. Firms of all sizes must determine how GDPR will impact their business and act accordingly. For business executives who do not have the time or expertise needed to meet GDPR’s stringent requirements, our seasoned consultants will help you identify GDPR readiness gaps and define common-sense strategies for meeting compliance obligations. We leverage the in-the-trenches experience of past compliance initiatives to provide maximum value for today’s clients. Start your GDPR-focused compliance journey today with an affordable Readiness Assessment. Contact us at 952-544-0234 or visit our Web site for more information.