It is now only a little over four months before GDPR comes into full force.  There is no avoiding the biggest shake-up to happen in twenty years concerning private data.

Therefore, given the pivotal role data plays to many organisations' strategies, as well as to their competitiveness and survival, it is shocking that so many company directors are so unsure about GDPR issues.

GDPR is an issue that touches right at the heart of how organisations use data, and thus it must be dealt with from both a legal and an operational IT perspective.  It can involve complex change management, but can also lead to better awareness and use of data, which in turn can drive competitive advantage - therefore it does not have to solely be a regulatory cost.

But with the potential of large regulatory fines it is not something that can be ignored. It is important, however late in the day, that GDPR is taken seriously by organisations and that they start to put appropriate measures in place.  From a data perspective, this means establishing where data is used, who owns it and what actions are performed on it.  Now is not the time to be in the dark about GDPR.