Navigating the compliance storm: Talend on tricky GDPR issues and how to solve them

As GDPR celebrates its one-year anniversary, we sit down with Talend senior director of data governance Jean Michel Franco to talk about where organisations are still going wrong and how things are likely to change.

At the end of May, the European Union celebrated the one-year anniversary of its famed data privacy framework for regulation, GDPR. For EU consumers, GDPR represents a major win by giving them more rights when it comes to the use of their data by private and public entities -- stipulating that things like withdrawable consent and data portability are employed by organisations looking to harvest that data.

It has also helped to educate consumers of the extent of their rights, with many consumers in the past holding an ignorant, ambivalent, or apathetic attitude towards their rights to privacy in the digital realm. Consumers have had somewhat of an awakening - not at all hindered by Facebook's Cambridge Analytica scandal - leading them to embrace their rights in droves mere months after the GDPR went into effect.

For the enterprise though, GDPR was not met with such warm attitudes. Many organisations would ardently describe their journeys toward GDPR compliance as nightmarish, especially for those who process large amounts of personal data. While many B2B businesses thought they weren't going to be affected as much by the EU's regulatory masterstroke, they were surprised to find that there are indeed many priorities that they must work through in order to achieve compliances. This is a constant, ongoing process and Data Protection Officers (DPOs) will never really be able to let their guards down, especially if organisations just pile the impetus upon them without assigning much responsibility elsewhere.

The challenges that GDPR has presented organisations have been - at times - incredibly steep, leading many to simply fail at their compliance obligations. While fines haven't been particularly damaging to this point, aside from Google's huge €50 million fine, there are a few elements signalling a potential change in this state of affairs, with regulators indicating that an increase in larger fines could be imminent.

To talk about the current state of GDPR and what organisations are still struggling with, we sat down with Talend senior director of data governance Jean Michel Franco. Franco identifies a couple of key pain points that are relevant for a wide-range of organisations, while also discussing some of the things that organisations have done right and where he thinks we're headed going forward.

Should compliance be a top-level priority for organisations at the moment? Do you think that is currently the case?

Compliance should be an absolute priority for organisations, because the costs of non-compliance are potentially extremely high. The GDPR was partly designed to swing the balance of power back in favour of consumers and their data, so it makes sense that we are seeing more cases of firms being held accountable under this legislation. As the media spotlight on GDPR breaches grows, businesses will be aware of the plethora of negative impacts caused by a privacy violation.

To continue reading this article register now