GDPR should be seen as an Opportunity,
not a Cost
GDPR (EU General Data Protection Regulation) has become a hot, even overhyped topic. The clock is ticking (it really is, see above). You will have been bombarded by all sorts of mailers, with all sorts of “silver bullet” solutions to help you get set for when GDPR comes into force on the 25th May 2018. You will have been threatened with the potential fines – 4% of turnover or 20 million Euro, whichever is the greater. Now, perhaps, stop worrying about the downside, and think of the Trust benefits from “Privacy by Design” and GDPR compliance.
Be ready for the GDPR opportunity
The Bloor team thinks differently about GDPR. We’re here to turn getting prepared for GDPR into an opportunity to add value for your company. It’s not just a cost to be bourne but an opportunity to leverage “privacy by design” for building Trust in the Mutable business. We will explain the real issues and responsibilities, which are vital and need to be understood. But you need to understand that:
- There are no silver bullets
- There are no one size fits all solutions
- You can’t ignore it because of BREXIT
- You can use GDPR as trigger to implement good practice around managing personal data and security (at a time when dealing with Cyber Security has never been more important, and more top of the C-Suite’s mind).
GDPR Confidence and Competence – the new imperative
Bloor Research and Cognisco have joined forces to provide a GDPR readiness assessment tool focused on human risk. Governance generally, and GDPR in particular needs a strong focus on people, behaviour and outcomes. The LIBOR, London Whale, and PPI scandals, among others, have shown the crucial importance of behaviour and conduct in avoiding governance, risk, and compliance failures. Any realistic GDPR strategy will needs to approach employee motivation and incentivisation – as well as delivering a positive business-value outcome.
Our tool presents a range of multiple response questions designed to elucidate the state of awareness and understanding of those surveyed, with regard to GDPR. It is not designed to teach those surveyed but to discover whether an investment in further GDPR training, using a third party training specialist (such as, but not limited to, KPMG) is justified.