Having experienced the furor around Y2K and all of  the work that was performed to avoid what could have become a total disaster, I was reassured that organisations took the issue seriously and dealt with it as a way to avoid mayhem.

GDPR does not provide the same "excitement" and will not mean that systems suddenly stop working.  In fact, it focuses on something much more valuable than computer code - it focuses on data.  It seeks to ensure that indvidual's data is only processed in a manner they consent to with additional safeguards around rectifying errors and a right to be forgotten.  

However, it does have the ability to severely damage an organisation's well-being through regulatory action and fines, and potentially lead to bankruptcy and insolvency, as this article alludes to.  What is more worrying is the lack of attention that GDPR is receiving in many quarters.  Organisations need to recognise the impact it could have on their operations and plan appropriately. As well as the direct legal implications, "how do I use data" and "where is my data" are two easy to ask, yet difficult to answer questions that organisations must deal with.

Unfortunately, unlike Y2K, there is not a simple code or patch that can be applied to become compliant.  In that respect, GDPR poses a much larger challenge to organisations than Y2K did!