cancel
Showing results for 
Search instead for 
Did you mean: 
GDPR doesn’t affect me…

...is just one of the things I’ve heard repeatedly over the last few months. I’ve also heard:

  • GDPR is just hype.
  • We don’t have an office in the EU.
  • I don’t know what GDPR stands for.


It’s funny how something that will have such a major impact to how an organisation operates, is flying so low on the radar and is often fundamentally misunderstood for those who will need to react.

Like many regulations, the General Data Protection Regulation (GDPR for short) is a reasonably dry piece of European legislation. It’s not a particularly sexy headline grabbing topic like Big Data or the Internet of Things were initially; however, if we think for a moment about the impact it might have – then it is certainly just as big a game changer.

So what’s GDPR trying to achieve? Well simply put, it is giving you and me control back over our personal data. That’s it. Lots of organisations take advantagHow much do value your privacy? [A computer with a camera]How much do value your privacy? [A computer with a camera]e of out of date data privacy regulations and freely buy, sell, store, manipulate the personal data of people who have absolutely no idea their data is being misused. For example; advertisers read key words in your Facebook posts and then target you, purchasing an album can now mean you are automatically subscribed to that artists fan page, tracking firms can quietly follow your internet browsing over multiple websites building up a profile around you. The list goes on.

Your personal data is valuable, and organisations know it. Therefore the time to regulate the use of this data has long since passed.

The GDPR will apply to any organisation (globally) who collects, stores or processes the personal data of any resident within the EU. This means that lots of organisations will now need to consider their response and how they aim to maintain compliance as the cost of non-compliance could be huge.

Some of the major challenges between most organisations and compliance include:

  1. Getting to grips with your data – Understanding where, why and how you store and process personal data is key especially when the majority of the data you currently store is probably “Dark” (you really have little idea of what it is, who owns it, or what it contains)
  2. Individuals having to be found to be forgotten – Responding to somebody’s request to see the data being stored about them is nothing new, but GDPR now empowers that individual to request that you forget them (delete it) – within 30 days.
  3. Personal data you keep must be protected – Keep only the personal data you need to conduct your business, delete the rest and then ensure that data is well protected from damage , loss or breach


Veritas has been helping its customers with information governance challenges like this for years and no-one has the same breadth of experience or pedigree in offering solutions in this space. If you’re thinking about how to approach GDPR and where to start, the first point above is a good place. All that dark data you’re sitting on – shall we take a look?

Sign up for a Veritas GDPR maturity assessment to kick start your GDPR journey at www.veritas.com/gdpr