It was the month of May 2018, when finally the GDPR revolution began in Europe; after six months, what have we all learned about our data?
First of all, we learned that our data was valuable. Putting such focus on our personal data made us realize how important they really are, how many companies are really interested in them, and how much can be done with even the simplest of information.
We did not reckon their value before, and one of the big shifts of the GDPR was to have people realize how much they are worth, and how important it is to protect your personal information, just like we would do with anything of value.
This shift in awareness is probably the greatest achievement of GDPR.
We also learned to implement new practices for an improved and more effective data handling. GDPR caused almost all companies to redesign their processes, handle employees formation, and rethink the way they did business, especially in the marketing departments.
This radical redesign is likely to spawn new ways of advertising, ones in which trust between a brand and a consumer is pivot, because now that we know how valuable our data is, we would never light-heartedly give it to firms we don’t trust.
Most of all, we were shown that training is key.
Security/data breaches are caused, three times out of four, by employees misconduct.
That’s why the focus of the GDPR is really on the everyday practices, on how datas are handled from the very first time they are collected.
It’s no use to have a shiny Data Protection Agreement, fully GDPR Compliant, if every person that has access to data is not aware of how to handle them.
Data protection is a bottom-up process, only effective if the data security mindset has permeated all the aspects of the data flow.
We at lawpilots strongly believe in the importance of training for companies: check here our courses to get ready.