The General Data Protection Regulation (GDPR) will be applicable 26th of May 2018
Many organizations have initiated preparation and improvement initiatives to ensure compliance to GDPR. The complexity of GDPR poses the challenge of how to address the requirements; some regard it as an IT project since it (partially) relates to information stored in systems and applications. Others regard it as an Information and IT Security Initiative driven by the need to protect information.
We at Ascend believe that in order to reach GDPR compliance, there are several functions and areas in an organization that need to be involved and interact in the change journey. Only working together in coordination can an organization ensure to avoid potential fines and implications to the organization's brand.
As an example, see the request below from a former employee, requesting information to be deleted that lacks any legal basis to be stored or further porcessed: