In the second of our series aimed at debunking myths around the General Data Protection Regulation (GDPR) that comes into effect on 25 May, let’s examine another misconception:
Myth #2: GDPR is a privacy revolution and a huge burden for companies, in terms of resources and budget
If a company, like CWT, is already compliant under the current data protection regimes, GDPR is certainly not a revolution and is largely built on existing principles.
Yes, the regulation demands more of companies, especially around accountability and enhancing individuals’ rights but the fundamentals of data protection remain the same, i.e., fairness, transparency, data accuracy, security, minimization and respect of individuals’ rights. At CWT, we are simply adding a few pieces to our existing global privacy program.
We believe that the GDPR ultimately encourages all companies to take data protection seriously and, in doing so, fosters a level playing field. In that regard, GDPR extends beyond pure data protection compliance by further strengthening the trust relationship between corporations, clients, and individuals, and by providing an opportunity for companies to aim at heightened security standards – the result will benefit all parties.
While GDPR starts a new phase in data protection and privacy, rights over your personal information are not new. GDPR is a natural progression in our fast-changing digital world.
In our next installment, we’ll look at some of the beliefs around maximum regulatory fines.
Blog Author: Christel Cao-Delebarre, Global Privacy Officer, Carlson Wagonlit Travel