GDPR: What counts as personal data?
With the introduction of GDPR coming into effect in May 2018, it is reassuring that businesses are aware of the need to comply with the new regulation. Indeed, 100% of UK business leaders surveyed in Trend Micro’s recent research were aware.
However, despite 88% of those surveyed having also having seen the requirements of GDPR, it is perhaps worrying that 79% did not know that a customer’s date of birth is personal data.
Further to this, it appears that there is a lack of clarity within UK businesses over who should be responsible for ensuring compliance with GDPR when it comes into place. Reportedly, of those surveyed, a quarter thought that the CEO should lead on meeting its compliance and just under a quarter that it should be the CISO and their team.
Given the repercussions for not complying with the regulation when it comes into effect, and with only 19% of UK businesses having a C-level executive involved in the GDPR process, it appears that this is an area which boards still need to focus much more of their attention.
Given that GDPR has been described as the biggest data protection change in a generation and is set to alter the way businesses handle data for the foreseeable future, NEDonBoard has partnered with the GDPR Summit London, a one-day event dedicated to providing businesses with a roadmap for compliance, helping them to avoid the risk of fines and reputational damage. NEDonBoard members receive a preferential delegate rate of £595 (code NED100).