Having experienced the furor around Y2K and all of the work that was performed to avoid what could have become a total disaster, I was reassured that organisations took the issue seriously and dealt with it as a way to avoid mayhem.
GDPR does not provide the same "excitement" and will not mean that systems suddenly stop working. In fact, it focuses on something much more valuable than computer code - it focuses on data. It seeks to ensure that indvidual's data is only processed in a manner they consent to with additional safeguards around rectifying errors and a right to be forgotten.
However, it does have the ability to severely damage an organisation's well-being through regulatory action and fines, and potentially lead to bankruptcy and insolvency, as this article alludes to. What is more worrying is the lack of attention that GDPR is receiving in many quarters. Organisations need to recognise the impact it could have on their operations and plan appropriately. As well as the direct legal implications, "how do I use data" and "where is my data" are two easy to ask, yet difficult to answer questions that organisations must deal with.
Unfortunately, unlike Y2K, there is not a simple code or patch that can be applied to become compliant. In that respect, GDPR poses a much larger challenge to organisations than Y2K did!
Remember Y2K, also known as the “Millennium Bug”, which was expected to wreak havoc on computers around the world at the beginning of the century? Another ugly abbreviation, GDPR (for “General Data Protection Regulation”), has led to similar worries. Members of the European Union are now adapting their privacy laws to this piece of EU legislation; Britain has just started the process. Unprepared firms may even face bankruptcy, experts warn: the GDPR requires organisations to obtain people’s “explicit” consent whenever they process their data, for instance, or face fines of up to €20m or 4% of global annual sales. The Millennium Bug didn’t do much damage...[with] GDPR, nobody should rely on it not happening: it will become enforceable next May. And it won’t just apply in the EU, but wherever personal data about the bloc’s citizens are processed.