Microsoft raises concern about EU GDPR policies, advises organisations
Software giant, Microsoft, has urged businesses and organisations to pay attention to the European Union’s General Data Protection Regulation (GDPR) law.
The law, in its entirety, seeks to protect personal identifiable data across business and organisational landscapes.Lead Commercial Attorney, Microsoft MEA Emerging Markets, John Edokpolor, at the weekend, in Lagos, explained that the GDPR is a new European law designed to protect the privacy of citizens, by setting new standards in terms of how personal data is handled.
Edokpolor however warned that failure to adhere to the GDPR requirements could prevent trade and other business dealings with EU organisations and business entities after May 25. It replaces the Data Protection Directive, which has been in effect since 1995.
According to him, although the GDPR law is an EU law, it is relevant to businesses around the world, especially businesses that have trade ties with Europe, especially those that deals with data.
It was gathered that the new regulation became a law in April 2016, but given the significant changes some organisation will need to make to align with the regulation, a two-year transition period was included.
The Guardian gathered failure of Nigerian businesses that collect, store and process personal data for EU citizens for the provision of goods and services risk €20million fine if they failed to comply with the new GDPR.
Edokpolor said: “The new legislation is a milestone on a journey into a new era, where data is the fuel powering companies of all shapes and sizes from all sectors… The law affects any organisation with ties to Europe; it is relevant to businesses around the world.”
He noted that as companies increasingly embraced the Cloud, they had an unprecedented ability to capture and store massive amounts of data, adding that the advancement in business intelligence technology had given organisations the ability to pull insights from data predictive in nature.
He advised that businesses to be a step ahead of customer expectations and needs, instead of merely reacting to them, as this is a significant step forward, and truly marks the beginning of a new era, in which data becomes the electricity powering companies.
To be compliant with the new EU law on data protection, Edokpolor said businesses must address three things: people, processes, and preparedness, and to address these, organisations must manage their data like they manage their money.
According to him, every business maintains strict processes for tracking revenue, costs, and all manner of financial flows. They don’t just do this because it is required, but because it makes business sense. Companies need to maintain the same birds-eye-view of their data assets, via a solid data governance strategy.
Another way of achieving compliance, according to Edokpolor, is that organisations must create a culture of data confidence, since effective data governance demands a people-first approach. He said employees must be made to know the real value of data and as such do all they could to protect it.
“Once this has been established, it will be easier for employees to realise the importance of adequately protecting data, as they would any other high-value company asset,” he said, adding that placing the approach to data governance within the context of a broader digital transformation can streamline the process.