“Do you have a standard Privacy and Data (GDPR) module ready to go?"
I’ve heard this question a lot over the past two months. That makes sense, because starting May 25th, 2018 the European Commission (EC) will change their policies and everybody has to know all about the ins and outs, but also the consequences of these new rules.
Legislation can’t just be dismissed with a single intervention. Recognizing privacy and data aspects/risks isn’t a matter of following a module and check marking something at HR. Things like transparency, integrity and goal limitations are risks that are constantly present and can cost a lot of money for an organization. This is about behavior, knowing when you’re in a grey area, recognizing risks and learning to implement a new set of reflexes.