GDPR compliance update: The force of Storm GDPR and its impact on the middle market

The force of 'Storm GDPR' and its impact on the middle market

Like a monster storm pounding islands and coastal areas in hurricane season, a storm of another kind has been sweeping across the EU and beyond. It has spread chaos in its wake, as companies have raced against time to prepare for the General Data Protection Regulation (GDPR), attempting to ensure GDPR compliance before the deadline.

The GDPR developed over years of proposals, provisions, and approvals, with final adoption by the EU in 2016. Now, in 2018, GDPR has come into force with a bang. Like with any calamity of magnitude, there are those who saw it coming and were ignored and ridiculed. There were those who were presented with the facts, but chose to put their heads in the sand, and there were those who recognised the danger and took steps to prepare for the worst. There were also many more who simply took notice too late, not fully appreciating the full impact of ‘Storm GDPR’. Now, these businesses may be faced with large GDPR fines as a result.

Over the last year, RSM has conducted continental surveys of over 750 middle market businesses, both inside and outside of the EU, to see how organisations in different parts of the world were navigating their way through the eye of the storm, and whether businesses have undergone GDPR risk assessments in preparation. As we reviewed the survey responses, we asked some of our international experts about the journey they have taken clients on over the last year, and discussed the key issues that businesses are facing now that GDPR Regulation has hit their regions, leaving them in the eye of the storm.