Top 10 Steps to Operationalize the GDPR

Being GDPR ready is a task which extends beyond the privacy or compliance team and requires the involvement and cooperation of the entire organization to take compliance with the GDPR from theory to practice. 


Extract from article by Mark Webber and Hannah Blake

With the implementation of the EU General Data Protection Regulation (GDPR) less than a year away being ‘GDPR ready’ is a key focus for many organizations. But this task is one which extends beyond the privacy or compliance team, it requires the involvement and cooperation of the organization to take compliance with the GDPR from theory to practice.

Even those who’ve pushed through data mapping are starting to realize: it’s one thing to have a core privacy team on top of GDPR, but a mammoth task operationalizing the GDPR throughout an entire organization.

To help, here we provide the top 10 steps to operationalise the GDPR in your organization.

  1. Understand your organization’s governance – rally support!
  • Key stakeholders

If the highest level of management within an organization sets privacy as a key priority it will help to set the tone of privacy in your organization. They could even go as far as to implement a privacy strategy or make a privacy mission statement. Involvement and support at this level will promote and push forward the compliance process, encouraging involvement and education of employees and assignment of tasks. Maintaining such a policy will dictate privacy’s involvement in day to day operations.

In other businesses, we see other compliance champions.  Sales guys love to sell and if they feel deal friction from privacy and Q2’s figures are suffering because of Article 28 you can bet they want to smooth that process and perhaps even lead and sell with compliance.  Seek out those impacted and build a coalition.

  • Key individuals

In addition one of the first key questions your organization should ask when looking at their governance structure is ‘Does this organization need a Data Protection Officer (DPO)?. This is a key role under the GDPR and unless it is obvious that your organization does not need to appoint one an organization should document the reason for its decision.

Everyone within an organization has various specialisms related to privacy and responsibility should be assigned accordingly to create a network of people who manage the day to day impact of privacy within your organization. A clear and coherent governance structure will ensure a smoother transition to GDPR compliance.

Additional Reading:

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

ComplexDiscovery is an online publication that highlights data and legal discovery insight and intelligence ranging from original research to aggregated news for use by business, information technology, and legal professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding data and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of data and legal discovery organizations. Registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world, ComplexDiscovery OÜ operates virtually worldwide to deliver marketing consulting and services.

Business as Unusual? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2020

The results of the recent Summer 2020 eDiscovery Business Confidence Survey present the unfortunate and continuing impact of COVID-19 on the business of eDiscovery. However, for these pandemic-driven results to be fully understood, they should be viewed through the contextual lens of the results of all nineteen surveys that have been administered to eDiscovery professionals since the inception of the eDiscovery Business Confidence Survey in early 2016.



Check Out the Observations Now!

Interested in Contributing?

ComplexDiscovery combines original industry research with curated expert articles to create an informational resource that helps legal, business, and information technology professionals better understand the business and practice of data discovery and legal discovery.

All contributions are invested to support the development and distribution of ComplexDiscovery content. Contributors can make as many article contributions as they like, but will not be asked to register and pay until their contribution reaches $5.

Veritas Acquires Globanet

“By integrating Globanet’s technology into our digital compliance portfolio, we’re making...

Five Great Reads on eDiscovery for September 2020

From cloud forensics and cyber defense to social media and surveys,...

Time for a Change? FTC Proposes Changes to HSR Act Premerger Notification Rules

The Federal Trade Commission, with the support of the Department of...

An eDiscovery Holiday Season Down Under? Macquarie Prepares Nuix for IPO

According to John Beveridge, writing for Small Caps, Macquarie holds a...

A Running List: Top 100+ eDiscovery Providers

Based on a compilation of research from analyst firms and industry...

The eDisclosure Systems Buyers Guide – 2020 Edition (Andrew Haslam)

Authored by industry expert Andrew Haslam, the eDisclosure Buyers Guide continues...

The Race to the Starting Line? Recent Secure Remote Review Announcements

Not all secure remote review offerings are equal as the apparent...

Enabling Remote eDiscovery? A Snapshot of DaaS

Desktop as a Service (DaaS) providers are becoming important contributors to...

Home or Away? New eDiscovery Collection Market Sizing and Pricing Considerations

One of the key home (onsite) or away (remote) decisions that...

Revisions and Decisions? New Considerations for eDiscovery Secure Remote Reviews

One of the key revision and decision areas that business, legal,...

A Macro Look at Past and Projected eDiscovery Market Size from 2012 to 2024

From a macro look at past estimations of eDiscovery market size...

An eDiscovery Market Size Mashup: 2019-2024 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Festive or Restive? The Fall 2020 eDiscovery Business Confidence Survey

Since January 2016, 2,189 individual responses to nineteen quarterly eDiscovery Business...

Casting a Wider Net? Predictive Coding Technologies and Protocols Survey – Fall 2020 Results

The Predictive Coding Technologies and Protocols Survey is a non-scientific semi-annual...

Business as Unusual? Eighteen Observations on eDiscovery Business Confidence in the Summer of 2020

Based on the aggregate results of nineteen past eDiscovery Business Confidence...

A Growing Concern? Budgetary Constraints and the Business of eDiscovery

In the summer of 2020, 56% of respondents viewed budgetary constraints...

Veritas Acquires Globanet

“By integrating Globanet’s technology into our digital compliance portfolio, we’re making...

An eDiscovery Holiday Season Down Under? Macquarie Prepares Nuix for IPO

According to John Beveridge, writing for Small Caps, Macquarie holds a...

ayfie to Acquire Haive

According to Johannes Stiehler, CEO of ayfie Group AS, “This acquisition...

Innovative Discovery and Integro Merge

“Integro and Innovative Discovery’s services and solutions are highly complementary. Our...

Five Great Reads on eDiscovery for September 2020

From cloud forensics and cyber defense to social media and surveys,...

Five Great Reads on eDiscovery for August 2020

From predictive coding and artificial intelligence to antitrust investigations and malware,...

Five Great Reads on eDiscovery for July 2020

From business confidence and operational metrics to data protection and privacy...

Five Great Reads on eDiscovery for June 2020

From collection market size updates to cloud outsourcing guidelines, the June...