Alan Calder, founder and executive chairman of IT Governance, was invited onto BBC Radio 4’s “You & Yours” programme to discuss privacy concerns from the perspective of displeased customers and organisations tackling GDPR compliance.
The conversation revolved around establishing whether the GDPR is, as the Information Commissioner has stated, “a new high standard of consent”.
The GDPR has certainly shaken up data protection legislation and expanded the rights of data subjects. A crucial objective of the Regulation is to encourage organisations to demonstrate they have a lawful basis for data processing, with informed consent being just one such basis. However, it seems that the GDPR has not been understood correctly by a significant number of data subjects and organisations: the Radio 4 broadcast mentions that more than 40% of customers are still receiving unsolicited marketing emails.
IT Governance’s GDPR Implementation Survey revealed that fewer than one third of UK organisations are GDPR-compliant. This is worrying, as data breaches are rampant, the number of data protection complaints submitted to the ICO (Information Commissioner’s Office) is soaring, and there are certainly more (unreported) breaches that businesses are not even aware of.
Achieving and demonstrating compliance with the GDPR can be a complex task. Organisations looking to provide compliance assurance can take advantage of our GDPR Audit Service, which includes everything you need to review your compliance posture.