Beware the GDPR vaporware

NetApp’s legal head Sheila FitzPatrick on why companies can’t simply buy or outsource their way to GDPR compliance.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

The EU General Data Protection Regulation – aka GDPR – comes into force as of May 25th, 2018. And frankly, if you haven’t started your preparations to be compliant yet, you are in trouble.

“People keep thinking they're going to give us grace period, we're already in the grace period. You've had two years to do something,” says Sheila FitzPatrick, NetApp’s worldwide legal data governance & data privacy counsel.

Though chasing every company for million-dollar fines isn’t the intent of the regulation, the threat of a bill equal to 4% of global revenue is very real, and one that blatant rule-breakers should be afraid of. 

“They're going to make poster childs out of the companies are not complying; they are going to put details on why they were fined, what happened, what they had and didn't have in the place. All it's going to take is one massive fine to make companies wake up.”

However, she adds, the data protection authorities do not want to hit every single company with a massive fine. They simply want organizations to show willing.

To continue reading this article register now