Careful planning is required for achieving compliance with GDPR. It requires a programme and strategy being developed that includes all parts of the organisation. Technology has a large part to play, but every organisation needs to carefully assess what it already has in place and should identify what data it collects and processes before making technology purchasing decisions to ensure that efforts at improving data protection and security are not jeopardised.
Author/s: Fran Howarth,David Norfolk