As Europe's General Data Protection Regulation (GDPR) comes into force on May 25, Indian companies with business interests in the region will need to rework their data management systems. The new law will not only affect global behemoths like Google and Facebook but all other companies, big and small, who collect user data.
As data breaches are frequently happening, GDPR puts the onus on the firms to assume responsibility for how data is processed and managed. And the larger the entity, the more complicated the process. Imagine the difference between securing a four-room house and a 24-storey building. Companies will have to zero in on what data they are collecting, how they are processing it and how they are putting the consent mechanism in place.
According to experts, most companies mistakenly assume that GDPR is a matter for the IT department to sort out whereas a holistic approach roping in all departments through a cross-functional team is a better way to ensure a GDPR-enabled future.