GDPR has arrived and enforcement actions are numerous. Has your executive committee asked "are we in compliance"? In 2018, companies completed GDPR assessments, documented the scale or scope of actions necessary for compliance and are working plans to close the gaps. Soon California's regulation, CCPA will be here, with enforcement in 2020. Has your privacy program prepared to be ready in less than a year? Remember CCPA allows for a one year look back (2019).
In 2019 companies still have to complete data inventories, define the legal basis for processing, develop capabilities for managing individual rights, test incident management plans, and measure the level of compliance. These actions will improve compliance, reduce risks and build customer and regulators' trust.
Do your business leaders understand the time to take action is now, as the risk of non compliance increases with each passing day.