Pro Tips for GDPR Preparations

Can the preparations for the General Data Protection Regulation be handled as a project? Could the GDPR take your business to the next level? What is at the core of the regulation? Find out the hottest GDPR tips from Eija Warma, a leading data protection & privacy attorney from top law firm Castrén & Snellman.

Author: Taija
Date: 20.02.2018
Read Time: 3 Minutes

Organizations are at very different stages in their GDPR journeys. A few have it all covered. Some might have only woken up to the realization that the May deadline is in less than 100 days.

Recently we had the great pleasure of hosting leading data protection & privacy attorney Eija Warma on our Finnish podcast “Kyberykset”. F-Secure’s cyber security experts Tuomo Makkonen and Marko Buuri interviewed Eija about the key benefits and challenges associated with the GDPR and picked her brain for tangible tips to ensure a smooth preparation process.

 

podcast, gdpr, eija warma, tuomo makkonen, marko buuri, kyberykset

 

A New Way of Thinking

 

Warma says GDPR calls for a new way of doing things. Thus, it is not a project with a beginning and an end. Proper data privacy adherence is a continual process and must be embedded in each organization’s way of thinking. The GDPR deadline is actually a great chance to evaluate which of your day-to-day operations are eligible. Are you collecting data just for the sake of collecting data? Are you using systems that are not really needed? Make no mistake: the GDPR, approached correctly, can give your company a boost in productivity, focus and efficiency.

 

The value of data

 

Data is relevant for every company. However, you should think about data’s actual value for your business. Eija Warma suggests approaching the topic from the point of view of risk potential. How severe is the risk of losing sensitive data? Your selected actions and investments should be based on proper risk assessment, not generic guidelines. You know your business best. You shouldn’t expect an outsider to come and tell you what to do.

 

Ambiguity or freedom to innovate?

 

GDPR allows a lot of freedom of action and includes only a few prohibitions. Warma says this may feel frustrating to many companies – GDPR is the biggest change in EU data privacy laws in more than 20 years, and there is a lot to figure out.

GDPR is not easy to read even for an expert, but Eija’s tips are very reassuring. It all comes down to understanding a few key concepts that form the core of the GDPR. The next step is to figure out what they mean for your company. Who are your data subject and data controller? What kind of actions are necessary in your case?

 

The core of the GDPR

 

The core of the regulation is simple: it aims to increase privacy for EU residents and to standardize the data protection laws across the European Union. Your goal is to adhere to these two targets as closely as possible. Focus on the essentials, do your homework and rebuild your business as a truly privacy-mindful entity. We guarantee you: not only will you save time and money further down the line, but your customers and partners will be more grateful than you can ever imagine.

Doing things the old way is not always the best way. Keep things simple, and have successful GDPR preparations!

 

“Kyberykset” Podcast

 

If you happen to understand Finnish, be sure to listen to the very first Finnish cyber security podcast “Kyberykset” with our expert consultants Tuomo Makkonen and Marko Buuri. Enjoy!

kyberykset podcast f-secure


Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s