By Eve Tahmincioglu
I had a conversation with a top privacy lawyer for a US company last week who was proud to share that almost every employee in the organization had completed GDPR, the European Union’s far-reaching data privacy regulation, training before it kicked in Friday.
When I asked her if the board received the training she said: “I never thought of that.”
GDPR, which stands for General Data Protection Regulation, is already shaking up companies around the globe, including causing blackouts for a host of websites. Consumers in the EU have been blocked from accessing U.S. newspapers and some companies have suspended support for their products, according to a USA Today article on the GDPR fallout.
Given the potential high stakes, GDPR knowledge among the leaders of global companies, including directors and executives, is surprisingly lacking. According to an EY study, only 40% of global respondents believe they know GDPR fairly or very well.
GDPR is just the tip of the iceberg when it comes to privacy and the risk to all organizations, no matter where they’re based or who their customers are. But are boards being brought into the privacy fold?
|