The General Data Protection Regulation (GDPR) is considered the most important change in data privacy regulation in 20 years. It impacts companies globally, not just in the European Union (EU).
GDPR comes into effect on May 25 and protects the personally identifiable information (PII) of all EU citizens—allowing for fines of up to 4 percent of group revenue or EUR20m, whichever is bigger, in the event a company's consumer data is breached.
Companies may view this as a burden but Accenture believes that the new rules and regulations open up an opportunity.
GDPR impacts people, process, and technology
The size and placement of the circles indicate the estimated magnitude of the impact on an organization due to GDPR regulations, based on Accenture experience.
Chart indicating the impact of GDPR on people and processes and the opportunities across the technology landscape.
The effort to implement the people, process and technology changes for GDPR compliance can be substantial. The countdown toward GDPR has begun and every day matters. At this stage, more than 50% of businesses think they will be fined once GDPR becomes enforced. Consider three immediate actions to take you forward:
Determine your internal compliance strategy for GDPR.
Evaluate your internal capability to execute GDPR requirements.
Determine your best approach for trusted vendors and partners in data processing.