GDPR – A European standard impacting Australian organisations
Conclusion: Australian organisations and agencies need to embrace the European Union’s new General Data Protection Regulation (GDPR) legal framework for protecting and managing Private Individuals Information (PII). There is considerable risk to organisations that do not take action to comply, financially and to organisations’ brands.
There are also potential upsides in embracing the requirements and being able to demonstrate compliance with the accountability principles, and implementing both technical and organisational measures that ensure all processing activities comply with the GDPR.
Whilst Australian companies may already have practices in place that comply with the Australian Privacy Act 1988, GDPR has a number of additional requirements, including the potential appointment of “data protection officers”. Action should already be taking place, and organisations should not underestimate the time and effort it may take to reach and maintain compliance.
About The Advisor
Peter Hall was an IBRS advisor between 2016 and 2020 who covered enterprise infrastructure, management, managing vendor and customer relationships, vendor capabilities and vendor offerings. Peter is also experienced in Start-Up’s and Mergers and Acquisitions. Peter has over 37 years of experience working in the IT sector in ANZ and Asia Pacific, gaining invaluable insights into vendor offerings and strategies, relationship management, and channel strategies. Peter’s an experienced executive having worked for Hewlett-Packard, Blade Network Technologies (acquired by IBM in 2010), IBM and Lenovo. Peter is also an accredited Tony Buzan Licensed Instructor in Mind Mapping.