GDPR At 2: The Conclusions And Way Forward
Created By Punit Bhatia

The two years of the GDPR have meant that privacy is going to be part of corporate decision making. And, a reflection on the two-year journey indicates that the future has the following in store for us:

  • Privacy Is Here To Stay - Two years ago, privacy may not have been the norm but going forward privacy is going to be the new normal. If the discussions on tracking as part of the pandemic are any indication, then, it is clear that privacy is here to stay. And, it will only get more and more embedded in the corporate world. It is likely that the consumers will expect it, the authorities will check it and the corporates will do it.
  • There Will Be More Automation - Thus far most companies have focussed on becoming compliant by setting and operationalizing the policies, governance, and processes. As we look ahead, there is likely to be more automation, usage of Artificial Intelligence, and reliance on predictive approaches rather than reactive responses.
  • The Maturity Will Only Increase - Most organizations are at the early stages of privacy compliance. In the coming years, there is likely to be an increase in maturity. In that direction, there is likely to be a focus on certifications and audits so that organizations can demonstrate compliance and be assured of it.
  • There Will Be More Privacy Laws - While a lot of countries have already passed privacy laws, the coming years will see new laws in the US, India, Pakistan, and so on. As it seems, the US is likely to have state-wise privacy laws in the short to medium term. As more and more laws come through, there is a likelihood of harmonization across countries. Compliance with the varying requirements of different privacy laws across the globe will remain a big challenge for most companies operating in multiple countries. I also see more and more countries getting included in the EU adequacy list for transfers of personal data.
  • Privacy Will Become A Brand Differentiator - As we move forward, privacy compliance is likely to become a brand differentiator in terms of winning more clients. To achieve this, more organizations will adopt ISO 27701 and other standards that will come up for a demonstration of privacy compliance in an organization. Already, a study by CISO shows that 82% of organizations view privacy certifications such as ISO 27701 and Privacy Shield as a buying factor when selecting a product or vendor in their supply chain. And, this is only going to increase and become a mandatory requirement.

In short, like it or not, GDPR and privacy laws are here to stay. We can always debate that this is not there and that is not fair but the law is there. And, we are better off taking a practical approach to complying with the longer-term perspective. And, as we do so, compliance is an ongoing journey and you need to consistently work towards remaining compliant. This is because your business keeps changing and so will compliance. So, have a safe privacy compliance journey.

And, if you need help in compliance with privacy laws, or training, please do not hesitate to contact me at [email protected] and we can have a conversation.

Note:

As I shared in my article "GDPR At 2: How To Look At Two Years Of The GDPR Regime?", this article is the last part of a series of articles on GDPR at 2. The previous articles included:

Punit Bhatia is a privacy consultant who is an author of multiple books on GDPR, privacy and sourcing, speaker at global events, advisor on GDPR and privacy matters, and the host of The FIT4PRIVACY Podcast. Punit helps business and privacy leaders in identifying the strategic priorities for privacy compliance and managing the execution in a simple and structured manner. Punit is known to use simple business language while avoiding legal jargon. Punit is a certified Fellow in Information Privacy (FIP), CIPM, and CIPP-E.

Did You Know? Punit's book "Be Ready For GDPR" is ranked as #1 and the book "Intro to GDPR" is ranked as #9 in the list "25 Best GDPR eBooks of All Time" published by BookAuthority.com.

Did You Know? The FIT4PRIVACY Podcast is ranked #3 in GDPR Podcasts by Feedspot. Listen to this podcast on your favourite platform now: Apple, Spotify, Stitcher

The FIT4PRIVACY Podcast - A Podcast For Those Who Care About Privacy is available on iTunes, Spotify, Stitcher and many other platforms.

A special thanks to Spandana Nageshkumar for her ideas and contribution when writing this series of articles.
