GDPR: Time to appoint a Data Protection Officer says M-Files

GDPR: Now is the time to appoint a Data Protection Officer and focus on compliance, claims M-Files

Enterprises need to plan now for the implementation of the new General Data Protection Regulation (GDPR)

Planning ahead for the upcoming implementation of the new GDPR will be essential for enterprises and integral to that will be the appointment of a new role within the organisation: the Data Protection Officer (DPO). This is according to M-Files Corporation, a provider of solutions that dramatically improve how businesses manage documents and other information.

The GDPR (also known as Directive 95/46/EC) is a directive adopted by the European Union designed to protect the privacy and protection of all personal data collected for or about citizens of the EU, especially as it relates to processing, using, or exchanging such data. Directive 95/46/EC encompasses all key elements from article 8 of the European Convention on Human Rights, which states its intention to respect the rights of privacy in personal and family life, as well as in the home and in personal correspondence.

The Directive, which achieved final approval in late January 2016, is expected to come into effect in late 2017 or early 2018. In order to be ready, organisations need to start planning now for its implementation.

Julian Cook, Director of UK Business, M-Files, stated:

“Enterprises need to address the compliance, budgetary and risk factors associated with the introduction of the Directive now. Article 35 of the GDPR mandates that all organisations no matter what the size, must have a DPO, but this may not be enough to drive change and give executive management the visibility and insight it needs as it relates to compliance. The role of the DPO not only includes advising on and monitoring GDPR compliance, but representing the company when contacting the supervising authority or the Data protection authority, which in this position is so critical.”

The new Directive will also see the introduction of a new, tiered fine structure. A company can be fined up to two per cent of their annual turnover for not having their records in order (article 28), not notifying the supervising authority and data subject about a breach (articles 31 and 32), or not conducting impact assessments (article 33). More serious infringements merit a 4 per cent fine, such as a violation of basic principles related to data security (article 5) and conditions for consumer consent (article 7).

The GDPR also requires that the DPO will need to notify the appropriate supervisory authority of a personal data breach within 72 hours on learning about it if it results in risk to the consumer. The GDPR notification is not more than just saying that you have had an incident. Organisations will need to include categories of data, records touched, and the approximate number of data subjects touched.

“But it is not just creating a new role to challenge the risks associated with the GDPR. It is also about the issue of compliance and organisations also need to seriously address today’s highly mobile workforce to prevent potential data breeches and the issue of risk head-on,” added Julian.

“According to research M-Files conducted in 2014, 25 per cent of employees say their company has experienced information security breaches, data loss, non-compliance issues, loss of control over documents through employee use of personal file sharing and sync tools at work.”

One way of addressing these challenges is through the use of leading Enterprise Information Management (EIM) solutions to provide the simplicity that employees desire, but the control businesses require. EIM helps simplify processes in a variety of ways. For example, with metadata-driven EIM solutions, content classes can easily be determined for enabling quick access to non-sensitive content while securing confidential information.

Planning ahead for the upcoming implementation of the new GDPR will be essential for enterprises and integral to that will be the appointment of a new role within the organisation: the Data Protection Officer (DPO). This is according to M-Files Corporation, a provider of solutions that dramatically improve how businesses manage documents and other information.

[su_button url=”https://www.m-files.com/en” target=”blank” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more information on M-Files click here[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Veeam

Mediclinic Middle East Partners with Veeam

Veeam Software announced it was selected by Mediclinic Middle East to modernize its business-continuity facilities and enhance…
Auth0

Auth0 Credential guard detects breached passwords

Auth0, a product unit within Okta, announced the general availability of Credential Guard, a new security feature that helps
Entrust

Entrust enhances remote signing solution

Entrust, a provider of trusted identities, payments, and data protection solutions, has announced that it has successfully completed Common
Data Protection

Expert advice for Data Protection and Privacy Day

Data Protection Day as it’s marked across Europe, or Data Privacy Day, internationally, is an annual marker in a very challenging
Entrust

Entrust enhances remote signing solution

Entrust, a provider of trusted identities, payments, and data protection solutions, has announced that it has successfully completed Common
Entrust

Entrust expands cloud security services footprint

Entrust, a  provider of trusted identities, payments, and data protection solutions has announced the geographic expansion of its nShield as a
Korea's Ministry of Science and ICT (MSIT) 2020 Business Report

Korea’s Ministry of Science and ICT (MSIT) 2020 Business Report

Development plans for privacy policy and de-identification technologies which managed to pass the Data Protection Regulations.
Rodney Foreman

Cobalt Iron Adds Rodney Foreman as Chief Revenue Officer

Cobalt Iron Inc., have announced the appointment of Rodney Foreman to the newly created position of chief revenue officer
Rodney Foreman

Cobalt Iron Adds Rodney Foreman as Chief Revenue Officer

Cobalt Iron Inc., have announced the appointment of Rodney Foreman to the newly created position of chief revenue officer
Mark Haper

Threats to Your Physical Data Destruction Process

Mark Harper of HSM, discusses how the media focus on cyber-attacks and digital data breaches means we are in danger of neglecting our physical information security.
Scroll to Top