GDPR, One Year Later, ‘Not the Boogeyman’
…do business,” said Dave Brunswick, vice president of solutions, North America at Cleo. “Unless there is consistency between states, it will become increasingly difficult for companies to comply with all the different policies out there.”
“If regulation is too restrictive and variable across state boundaries, it could create a significant barrier to expanding businesses,” Brunswick added. “On the flip side, if the regulation is too loose and doesn’t have real teeth when organizations don’t comply, then there is little point in having it since it will not materially affect behavior.”
The executive summary is that when it comes to GDPR, we’ve yet to see a glimmer of its full impact. True privacy and ultimate compliance with this and other privacy regulations is going to require more effort and more investments than anyone likely foresaw. That represents opportunity for providers who can help with any of myriad steps along the way.
“Full implementation of a GDPR-like protocol will require a complete retooling of information-management platforms across financial services. New technologies are needed to support a globally safe data-sharing ecosystem, not solely a reliance on agreements to implement best practices or large cyber insurance policies,” says Robert Miller, CEO of Private Client Resources (PCR), a provider of UHNW data aggregation and client reporting “focused on the unique demands of wealthy families and their advisers.” PCR has an intense focus on data privacy and security for its clientele.
Miller also sees a need for privacy issues to be built-in rather than tacked onto anything concerning the collections, storage and use of data.
“‘Privacy by Design’ has become a recent buzz word for organizations and regulations. ‘Privacy by Design’ in short, requires that data subject rights are considered when designing technology solutions and business processes. Specifically, that how our data is acquired, stored, shared and traced is incorporated into these solutions from the ground up,” Miller added.
Before all is said and done, GDPR will fuel massive change in everything. But it will take years, maybe decades before we see the end results.