–By Stephen Hackett
If you have been on a desert island for the last 6 months, then OK—I accept you may have not yet heard the GDPR acronym being mentioned in conversation. But for the rest of us, the General Data Protection Regulation, which comes into force on 25th May 2018, is either set to be the next Y2K non-event or could be real trouble.
What is the General Data Protection Regulation?
GDPR is already law in EU member states, but will not be policed until 25th May 2018. And because the United Kingdom will still be a member state of the EU at that time, this absolutely applies to UK business. This means that at that point business falling foul of the regulation will be subject to potential fines of 4% of global turnover or €20m, whichever is the greater, for non-compliance. Specifically, the GDPR legislation governs the actual process (not specifically technical) for the collection, storage, movement, recovery and deletion of customer data.
So why is this important to our industry?
In a report earlier this year by PWC, they announced that:
- 98% of organisations assessed by PWC have not updated their policies for GDPR or do not have policies in place
- 86% have no vision or strategy for GDPR
- 89% have never had an end-to-end-compliance review
Remember, I said this is a process compliance regulation and not specially related to technology. But here’s where (in my view) it gets interesting—and herein is the opportunity.
The path to compliance leads to opportunity
The path to compliance means making processes for harvesting, storing, retrieving and deleting data compliant. However, once a business is compliant, it’s compliant for only a moment in time once the boxes are ticked. But what happens if someone intentionally (or otherwise) grabs your process compliant data and dumps it on the web? Oops, suddenly your business is not only non-compliant, but you can be sure that the GDPR ‘police’ are going to hear about it. Remember the Talk Talk customer records being made public?
So, compliance does have a technical requirement, i.e. for the secure storage and the secure fencing of the actual process. There’s the opportunity. Asking our customers what they are doing about compliance and security.
But don’t take my word for it, I’m no specialist. Thankfully though, we have Supplier Partners who are.
The Intelisys Global portfolio includes multiple Supplier Partners that offer security solutions. We also offer free dedicated, technical cloud and telecoms engineering support, and we encourage you to reach out to us with all of your customer questions.
About the Author
Stephen Hackett, Managing Director for Intelisys Global, is a 15-year telecoms industry veteran with extensive experience crafting and implementing compelling partner-facing strategies for development of industry programs via indirect sales channels.