■■ ■ Identify red flags. Companies often lack
a sense of urgency in the area of data
protection. Set up precautionary practices
to ensure that company leadership
understands the importance of this area.
■■ ■ Follow the roadmap. A compliance roadmap
should be created to guarantee that the company
is prepared for any impending legislation.
■■ ■ Enter the DPO. The General Data Protection
Regulation requires the appointment of a
qualified data protection officer (DPO) to
help ensure that compliance measures are
met. Support from the board and senior
management is crucial for the DPO to succeed.
■■ ■ Establish a culture. An effective data protection
culture embeds data protection in the company,
ensures that people at all levels deal with
personal data responsibly, and outlines clear
policies and internal communications.