Exterro asks: Is meeting regulatory data challenges more of a technology issue or a legal issue?
Today’s Legal GRC (Governance, Risk and Compliance) environment is getting increasingly complex. Recent regulatory changes around data protection, including the introduction of the GDPR, CCPA and other laws around the world, have caused a dramatic impact on organisations and how they are trying to respond to the new challenges posed in order to establish and maintain compliance.
This shift towards a focus on protecting personal data, due of course by regulations enforced with huge fines and reputational risk, brings with it a set of complexities that organisations need to address.
Traditionally, it was the legal department who felt the brunt and were tasked with solving these problems. But now, with extremely difficult challenges posed by these regulations, including tight deadlines, adherence to strict retention laws, cross-practice coherence with other regulatory burdens like data preservation (Legal Hold), increasing data security standards and individuals empowered with the right to ask organisations to disclose or even delete their personal information, there has been a clear shift from a legal issue to a technological issue.
Organisations simply cannot establish, or maintain, compliance without leveraging technology.
With historically different practices now overlapping and converging, as seen in examples such as with e-disclosure with data privacy, the same people using the same processes and technology, are now able to solve different problems across their organisation.
Exterro teamed up with Data Protection World Forum to discuss recent data protection regulations and how building compliance by design across your organisation, using strategies like a robust Data Inventory, has now become more crucial than ever.