GDPR Compliant – it’s a very sought-after title that many want yet few have earned. If your company has yet to achieve it, you’re not alone. According to a recent survey, some 80% of large companies worldwide (and nearly 90% of those surveyed in the U.S.) are not yet GDPR compliant.
Why is becoming GDPR compliant such a challenge to these companies? Octopai CEO, Amnon Drori, suggests that companies may need to ask themselves more than they’re already asking. “The question for many organizations isn’t just ‘what system do we have in place to remove user data;’ it’s ‘where do we find the data we need to remove?’”
When an EU resident requests that their email (or another piece of personal data) be removed from a company’s system, a company has to know exactly where that piece of data is located across the organization – and it’s most likely not just in one place. According to GDPR regulations, this information needs to be deleted within 48 hours of the request, and the company then needs to prove that this full deletion took place.
Tracking down this information, and how its deletion affects other processes within the company is one of the main reasons that companies are struggling to reach compliance. The process is tedious and can take a painfully long time to complete. With automation, the location of this piece of data can be determined in all of the organization’s multiple systems within minutes, as well as finding and understanding the dependencies that the data element is impacting in order to prove full deletion.
With automation, GDPR compliance is no longer elusive.