View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Treating new regulations as an opportunity

Whether your business is primarily based in the US, the UK or in Europe there are big changes coming to how security and privacy is regulated.

By John Oates

European firms, and companies with any European customers, will soon have to follow the General Data Protection Regulations (GDPR). In the US rules vary from state to state but are mostly following California and moving to tighter privacy and security protections.

The widespread trend is to closer regulation which follows changing public attitudes to privacy and data security.

Fines are also growing – GDPR failures can cost a company €20m or up to four per cent of global turnover.

But the most innovative companies are seeing these changes as a business opportunity not just another box ticking exercise.

Security and privacy can and should be seen as a business differentiation strategy – a way to place your firm head and shoulders above the competition.

The cost of security failures is now recognised from the board of directors downwards – it is now a business issue not just an IT problem.

There’s no question that the changes to European rules will require more than a quick audit and brush up of business processes and systems.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

For some companies GDPR will require wholesale changes to how customer databases, to take one example, are collected and maintained. Although the details are still not completely clear they will require business to obtain secondary consent from customers if any kind of processing of their data is carried out.

This will require changes in how databases are managed and how easy it is to remove details either when requested or when they expire – GDPR rules that details can only be kept for specific time periods.

For some marketing departments completely new business processes will be needed.

But the changes are an opportunity to update systems and create data platforms and systems which are ready for the future.

Because the changes are so fundamental there will also be a period of legal changes and fine tuning of how the law is applied in practise.

So it is an ideal chance to build systems with as much flexibility as possible.

It is also a chance to standardise systems to save costs and make big data and other additional applications easier to implement.

Most enterprise systems are built up in an ad hoc way, GDPR is a chance to revisit and improve on some of the decisions made in the past in terms of data centre desing and business processes.

Done right this should allow your business to be much more than just compliant with the new regulations.

It should deliver an infrastructure capable of dealing with the challenges of big data and able to bring new applications online far more quickly than before.

It provides a golden opportunity to invest in cleaning up the data the company holds, getting rid of out of date details, and storing it on truly, quickly accessible storage systems.

It should also put the company’s data exactly where it should – at the very centre of the IT infrastructure and at the very centre of business strategy for the future.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.