As an in-house lawyer and Data Protection Officer for a Fortune 500 company, I have experience in trying to engage departments such as HR, marketing and legal in the sometimes grim area of data protection. You are never going to be the most popular person at the office party with my job but if you make your GDPR project practical and engaging, you can get on the right side of the law, win your customers’ trust and avoid those much-hyped fines.
Running an effective GDPR compliance programme means you must change some of your processes and operations to align with the regulation. You must also educate the people in your company, all the way up to the boardroom, on what they will have to do, and avoid doing, to avoid those mammoth fines.
Some GDPR tasks are going to be painful. Here are some of the toughest.