Are you feeling the pressure yet? The start of 2018 means that GDPR goes into effect in 5 months, which will undoubtedly approach quickly. Will your organization be caught off guard when May 25, 2018 comes around? Whether you’re completely, somewhat, or not-at-all prepared for the data rules outlined in the GDPR, check out our last-minute preparation tips below.
For the completely prepared
If you’re feeling confident about your GDPR preparation, congratulations! You’ve taken the steps to protect your organization from fines of up to 4% of your global revenue. Before you sit back and relax, there are still a few final preparatory steps to take to ensure you’ll have nothing to worry about when the regulation goes into effect.
First, double check your data collection processes. Are you preserving your customers’ PII consistently? If your processes are in place, it’s worth checking to make sure that your collections cover all of the internal and external platforms where your customers’ data may exist. Take the remaining time before GDPR goes into effect to be certain that you’ve thoroughly archived all of the relevant data and that your plan will protect future data that is added to your systems.
For the somewhat prepared
Maybe you’ve started determining where your customers’ PII lies within your systems, but you haven’t put a process in place to manage that data. Maybe you’ve started preserving the data, but got lost along the way. Either way, it’s time to finalize your processes and complete an archive of the existing data. Plus, you’ll need to determine the steps you plan to take to manage any future customer PII. By automating the archiving process, you can remain consistently prepared, should a customer request their data from your systems.
Of course, if you decide to automate the data management process, you’ll need to choose a comprehensive solution that can collect all types of content, even your internal collaboration platforms. By ensuring that you can collect dynamic content within a variety of systems, you’ll ensure that no customer PII will be hidden, therefore avoiding unexpected fines.
For the not-at-all prepared
First, don’t panic. It’s better to start preparing now, as opposed to hiding and risking up to 4% of your global revenue. That being said, don’t delay any further, as you don’t want to run out of time. Within your organization, create a calendar of deadlines to manage your preparation process. It will be vital to understand all of the places within your internal and external systems, so that you’ll have an accurate landscape of what you have to preserve. This may seem obvious at first, but a lot of your customers’ PII may be hidden within internal conversations via Slack or Sharepoint.
Once you’ve determined the locations of your data, you’ll want to work with a preservation platform that can address the content needs of your organization. This way, all of the archived data will be held within one platform, simplifying the entire process. Be sure that the system is in place well in advance of the May 25 deadline to ensure that you have time to properly collect and preserve all of the data within your systems. By building additional time into your preparatory plan, you’ll allow for any hangups or newly discovered data that needs to be preserved.
Lastly, if you’d like to speak with one of our GDPR experts to review your processes, the Hanzo team is available to help your organization avoid hefty fines and other risks of noncompliance. Schedule a call with our GDPR team today.