Companies wrestling with the compliance challenges of the European Union's new privacy regime would be forgiven if all they see over the horizon is an ominous compliance cloud. But the savviest companies should see the compliance exercise also presents opportunities to up their privacy and data security game.

The General Data Protection Regulation (GDPR) taking effect next May brings potential massive fines of millions of dollars, mandatory data breach notification, stricter data use consent, and other compliance clouds. But the silver lining may be a board more willing to lend an ear and fund improvements and the opportunities to get data in order, bolster consumer trust, and leverage streamlined regulatory oversight.

|

Better Record Keeping Builds Trust

Many companies would have a hard time responding effectively to a request for specific information from an individual or a privacy regulator because they are not sure what data they hold or where it is located.