As we speed along toward GDPR’s May 25, 2018, deadline, knowledge is power.
Being as informed as possible about what's developing is critical to assembling a strategy to address the new regulation.
Understanding the new regulatory expectations and how they might apply to your business – what's already been hammered out and what's still developing and up in the air – can help you recognize what resources to invest in, how to limit risk and liability and where best to focus your time and energy in addressing areas of concern.
To help you, we've assembled the following roundup of resources. These links should set you on the path to assembling a full 360 view of what the GDPR means for you. Using these resources, you can explore, read, learn and use that knowledge to get yourself as prepared as possible for the GDPR.
Take an initial dive into the new world of GDPR compliance with the EU's own GDPR informational website.
The EUGDPR website has a plethora of information right from the regulators. It features plenty of background on how the EU got to this point, what the EU hopes to achieve by implementing GDPR and so on, as well as answers to frequently asked questions about many different aspects of the regulation. For an overview of deadlines, expectations and other basics, it's the place to start.
But with a regulation as complex and far-reaching as the GDPR, there is plenty more for businesses to know and take into consideration. If you're left wondering what exactly a given term on the GDPR website means in general, or for you in particular, there are many more resources out there to take you deeper.
The UK Information Commissioner's Office (ICO) is an independent UK-based authority promoting data privacy and information rights for the general public. In keeping with their mission, they've been providing a great deal of information on the ins and outs of GDPR, untangling and demystifying some of the more complex and nuanced aspects. Following the organization's news blogs is a great way to understand all of the emerging issues surrounding GDPR.
And if you want to go as in-depth as it gets, check out the Overview of the GDPR. This is a continually-updated and incredibly in-depth exploration of the key themes at play. The language is technical, nuanced and thorough, and the document is broken out page-by-page into sections covering each critical GDPR-related topic.
Salesforce is one of the biggest names in CRM, and being such a big player, when it comes to meeting compliance standards they're at the forefront. Here you can read about what they're doing – on their own and with their customers – to hit GDPR's compliance benchmarks.
If you've got concerns about how contracts and other documents will be impacted by GDPR – and you want to know the steps to take to make sure they're not a GDPR liability – SpringCM's GDPR overview is a great starting point.
The page offers plenty of general information on GDPR, as well as its potential impact on contracts and documents in particular – and some insights into how vendors who manage such data can set their clients up for compliance with GDPR enforcement on the horizon.
Microsoft offers a repository of information on how to get prepared for the impending go-live date, along with tools to help businesses determine their level of readiness.
UK-based blog IT Governance features news on a host of IT-related issues, including GDPR. This is a good place to find articles discussing the impact the new regulation will have on such easily overlooked, practical facets of the IT world as staffing.
This IT-related blog features articles and opinions related to the broader world of IT, data privacy and compliance, and sometimes features explorations of what requirements like privacy-by-design will mean for businesses on the level of implementation.
What are the legal implications of the GDPR? At this point, there are a lot of questions, which the bloggers at FieldFisher raise and address here (among other concerns at the intersection of data privacy and the law).
GDPR compliance may mean some serious changes when it comes to what counts as business-as-usual, and that can make businesses understandably nervous. But by doing your research, understanding what's at stake and working with good vendors who take compliance seriously, you can ease any fears and get back to focusing on what you do best – meeting your customers' needs.
Editor's Note: This post was originally published in September 2017. It has been updated for accuracy and comprehensiveness.