Protect, manage, and govern data in a tumultuous regulatory landscape
In the wake of the European Parliament’s approval of the General Data Protection Regulation (GDPR) on April 14, 2016, and the European Court of Justice’s (ECJ) decision in October 2015 to strike down the U.S.-EU Safe Harbor agreement governing cross-border transfers, many compliance leaders are struggling to interpret how those rulings and the proposed EU-U.S Privacy Shield (a new cross-border transfer framework entered into at a high level between the EU and U.S. Department of Commerce in February 2016) will impact their organization. While immediately taking action on the highest risk areas, compliance leads are simultaneously reevaluating their overall approach to privacy and compliance within their organizations, including roles and responsibilities, tools, risk assessments, and coordination across compliance, Information Technology (IT), legal, and internal audit functions.
This briefing document details how organizations are addressing privacy challenges in myriad ways. It includes insights from KPMG professionals’ firsthand discussions with executives and their stakeholders, and provides key takeaways to help organizations bolster privacy compliance efforts.