Today’s D-Day - GDPR Myth-busters (4/4)

In the final post of our series aimed at debunking myths around the General Data Protection Regulation (GDPR) that comes into effect today, I invite you to exhale.

Myth #4: You must be 100% compliant by 25 May

Most deadlines are like train announcements: Useful information for the periphery of your mind. Others are like ticking time-bombs in the collective consciousness: Cinderella at midnight, Y2K, and end-of-world prophecies.

Rumours about the GDPR deadline have certainly placed it in the latter category. But while achieving 100% compliance by 25 May was a goal for some of us, the preparations for it have unveiled something else, more profound.

Unlike a box-ticking exercise or one-time stress test, GDPR compliance is, in reality, a journey, not a destination. This makes it all the more significant. Although you should have a robust data privacy program in place by now, 25 May signals the start of transformative corporate behaviours around data protection and data security. It's not a day in one’s life. It announces corporate change on a large geographic scale.

GDPR’s real value resides in ever-evolving and adaptive ways of ensuring good data protection practices, on-going compliance and continuous improvement.

So don’t think it stops here. 25 May is the day to look ahead, to continue building a framework, and to promote a culture of privacy within your organisation.

Privacy matters; today, tomorrow and for the foreseeable future.

Blog Author: Christel Cao-Delebarre, Global Privacy Officer, Carlson Wagonlit Travel