Get ‘Ready’ To Talk GDPR: 12 Months Later, Has The Storm Passed?

By Miranda Foster

There’s no doubt that May 2018 will be remembered in business and technology circles as an important milestone for data protection legislation, usage and public impact.  The implementation of the General Data Protection Regulation (GDPR) in Europe on May 25 introduced a law with an international reach, focused on supporting the rights of individuals while providing a best-practice framework for enabling the continued and sustainable growth of the digital economy. 

One year after its implementation, the bruising barrage of fines and thousands of “Right to be Forgotten” requests have, more or less, been avoided. While business priorities have shifted over the last 12 months, questions about GDPR remain: just how far and deep have companies gone in their compliance efforts, and what effect are those processes and workflows now having in 2019?

We’ve seen a few new solutions flood the market in the last 18 months and these often claim to be the silver bullet for GDPR. While there is no “plug-and-play” solution for GDPR, there are, however, solutions like Commvault Activate™ and Commvault Orchestrate™. These allow you to identify, index and manage your data in ways that enable you to more easily meet “Right to be Forgotten” requests or provide notifications and visibility around data breaches – all of which are key components of GDPR.

As part of Commvault Ready – Commvault’s sales kickoff and readiness event in Las Vegas, Nev. – Stefan Hellweger, Head of IT, explained how, in Italy, the South Tyrol Civil Protection Agency has been using Commvault for just this purpose.

With 210 employees and 19,000 volunteers, the Civil Protection Agency of the Autonomous Province of Bolzano responds to thousands of requests for assistance every year – from fires and avalanches to road accidents and earthquakes.

The Alpine region’s 500,000-person population swells by millions of visitors every year who enjoy a range of outdoor activities; this results in a massive amount of created and managed data. Data that since May 25, 2018, all falls directly under regulatory requirements now governed by GDPR. 

“With Commvault, we can quickly and easily search for personal data stored on physical and virtual servers as well as backup files,” said Hellweger. “It has accelerated our response to GDPR requests and improved governance and transparency.” 

According to a Commvault poll conducted at Data Protection World Forum in November last year, strict regulation – like GDPR – was actually welcomed by the vast majority of respondents as a process that would lead to improved cross-business function data hygiene, and ultimately provide a more transparent view of the data (and its value), held by an organization.

As we approach the first anniversary of the inauguration of GDPR and review the present state of the regulatory landscape (and associated attitudes), the key take away for us all is this: regardless of shape or size, it remains of vital importance that organizations continue to take stock of how GDPR is evolving; reflect on how far they have come in their own compliance efforts over the last 12 months; and seriously consider how far they (in some cases) still have to go.

If managing your data in a GDPR-compliant way is still causing you headaches, tune in to all the news and developments from Commvault GO in October. However, if you can’t wait until then, get in touch with us @Commvault on Twitter and we’ll help you figure out your GDPR conundrum!