Citrus Solutions was pleased to attend the European Data Protection Days 2017 (EDPD 2017), which took place in Berlin on the 15th and 16th of May. The event maintained the importance of GDPR, a current hot topic in the data industry. There was a large attendance, as both days were crowded with high class presentations.
In addition to many engaging case studies, some more general themes were explored. Namely: international data protection. Regulatory requirements continue to vary cross-borders, posing a problem for internationally operating organizations, who need to comply with all requirements.
DPA and DPO roles were discussed, with concerns voiced regarding EU DPAs and whether they assume a common approach to interpreting EU legislation. A lack of set international standards is problematic, and would encumber these organizations.
Different starting approaches were discussed. Some were in favor of putting data first, some preferred to start with process analysis, while others felt that the easiest way to get started is information systems portfolio analysis, with one organization adding GDPR to quality development. Many alternatives were indeed presented, but the jury is still out regarding which is the best course of action to begin with.
Perhaps the most obvious talking point was the threat of fines. The threat exists, but the hope is that no fines would be issued on the launch date, even if processes are not all ready. Only time will tell.
Information technology keeps on developing at a breath-taking pace: Questions arise as how best to cope with things like IoT ("Internet of Things"), big data, cognitive computing, biometrics & sensors, implants and other devices directly monitoring an individual human person’s life. GDPR processes continue to run ahead of regulation.
All in all, the event showed that all organizations must take GDPR seriously. With a steadily approaching deadline (only a year left), work remains to be done. Fortunately, Citrus Solutions is here and ready to face the challenges, head on!