The leading knowledge platform for the financial technology industry
The leading knowledge platform for the financial technology industry

A-Team Insight Blogs

General Data Protection Regulation – The Time to Implement is Now

General Data Protection Regulation (GDPR) is broad, rigorous and challenging – and its compliance deadline is just 12 months away. So, how are organisations responding to the regulation, what progress are they making on implementation and what steps can they take to ensure compliance within the 12-month timeframe.

These questions and more were answered in a recent A-Team Group webinar asking ‘Are you ready for GDPR?’. The webinar was hosted by A-Team editor Sarah Underwood and joined by Michael Dimopoulos, a GDPR practitioner assigned to a Tier 1 European bank; Christy Haragan, principal sales engineer at MarkLogic; Tudor Borlea, pre-sales engineer at Collibra; and Michael Angle, chief technology officer at Opus.

Setting the scene for discussion, an early audience poll questioning organisations’ progress on GDPR showed 42% of respondents at the planning stage, 27% just starting implementation, 18% not yet making progress, and 13% making significant progress. Considering the 25 May 2018 compliance deadline of the regulation, the speakers agreed that if organisations within the scope of GDPR have not yet started work on compliance, they should not delay and get going straight away. The challenges of compliance are considerable, and it will take a lot of time and effort to identify personal date, gain and document the consent of data owners – essentially EU citizens – to use the data, and embed policies and practices to deal with data owners’ rights, such as data access and corrections, data portability, and the right to be forgotten. Firms based outside the EU, but with EU customers, must also comply with GDPR.

A second audience poll reflected these challenges, showing respondents expecting to, or experiencing, GDPR data management challenges including establishing customer consent management, identifying private and protected data, and building data privacy by design as required by the regulation. The speakers added compliance challenges presented by data silos, problems around accessing and managing unstructured data, and the ability to scale systems to deal with data subjects requests in a timely manner.

Solutions to these problems include a step-by-step approach to GDPR implementation that starts with a data inventory and goes on to document consent from data owners, map data to systems where it is used, encrypt data where necessary, and ensure compliant data can be given to data subjects on request. A shift in culture around how employees collect customer data is also recommended.

While no single technology solution is expected to provide an answer to all the data management challenges of GDPR, the speakers suggested organisations should start conversations with technology providers now with a view to implementing solutions in the second half of the year.

Final advice included getting board level sponsorship for GDPR programmes, making all required efforts to avoid potentially huge fines for non-compliance, and collaborating across the enterprise to achieve success. And start now!

Listen to the webinar to find out about:

  • GDPR obligations
  • Scope of the regulation
  • Data management challenges
  • Implementation plans
  • Beneficial outcomes

Related content

WEBINAR

Upcoming Webinar: Developing operational resilience

Date: 25 March 2021 Time: 10:00am ET / 3:00pm London / 4:00pm CET Duration: 50 minutes Financial institutions’ operational resilience – essentially the ability to prevent, adapt and respond to, and recover and learn from operational disruptions – has come under extreme pressure during the coronavirus pandemic, with last year’s March lockdown creating unprecedented circumstances...

BLOG

The Future of Transatlantic Regulatory Cooperation: Antony Phillipson

As the RegTech Summit Virtual 2020 fast approaches, we are so pleased to welcome Antony Phillipson, Her Majesty’s Trade Commissioner for North America and Consul General in New York on Day Three (November 18) for a special Keynote speech and Q&A to discuss a possible Brexit UK-US FTA and outline the future of transatlantic regulatory...

EVENT

RegTech Summit London

Now in its 5th year, the RegTech Summit in London explores how the European financial services industry can leverage technology to drive innovation, cut costs and support regulatory change.

GUIDE

RegTech Suppliers Guide 2020/2021

Welcome to the second edition of A-Team Group’s RegTech Suppliers Guide, an essential aid for financial institutions sourcing innovative solutions to improve their regulatory response, and a showcase for encumbent and new RegTech vendors with offerings designed to match market demand. Available free of charge and based on an industry-wide survey, the guide provides a...