MICROSOFT has advised businesses in Nigeria to pay attention to the European Union’s General Data Protection Regulation (GDPR).
Mr John Edokpolor, Lead, Commercial Attorney, Microsoft Middle East and Africa Emerging Markets, said in Lagos recently that May 25 would be the deadline for compliance with the regulation.
Edokpolor spoke at a media briefing.
The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union. It addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
When the GDPR takes effect, it will replace the 1995 Data Protection Directive (Directive 95/46/EC). It was adopted on April 27, 2016. It becomes enforceable from May 25, 2018, after a two-year transition period.
Unlike a directive, it does not require national governments to pass any enabling legislation and so it is directly binding and applicable.
According to Edokpolor, failure to adhere to GDPR requirements can prevent trade and other dealings with EU businesses after the deadline.
“The new legislation is a milestone on a journey into a new era, where data is the fuel powering companies of all shapes and sizes, from all sectors.
“GDPR is a new European law designed to protect the privacy of citizens by setting new standards in terms of how personal data is handled.
“As the law affects any organisation with ties to Europe, it is relevant to businesses around the world,” he said.
Edokpolor said that as companies increasingly embraced the cloud, they have an unprecedented ability to capture and store massive amounts of data.
He said that advancement in business intelligence technology had given organisations the ability to pull insights from data predictive in nature.
He advised that businesses should be a step ahead of customer expectations and needs, instead of merely reacting to them.
“This is a significant step forward and truly marks the beginning of a new era, one in which data becomes the electricity powering companies.
“An updated governance framework for data protection is a logical policy component of this new age,” he said.
“Building on these rules, innovation coupled with trust among businesses and citizens will unlock productivity, help companies to keep their customers delighted and fuel a new generation of disruptors.
“Ultimately, all of these translate into growth,” he said.
He said that data which was the most important asset in a modern company’s business portfolio needed the GDPR as a logical policy since it would guarantee the privacy and integrity of individuals’ data.
Edokpolor said that, with the compliance deadline approaching, many companies were thinking of steps to take to meet the new privacy and data protection requirements as efficiently and effectively as possible.
He said that achieving this would depend on how the companies would address three things – people, processes, and preparedness.
The attorney listed some principles that could help to achieve the compliance to include effective data management and creation of data confidence culture.
According to him, effective data governance demands a people-first approach.
“Every business maintains strict processes for tracking revenue, costs, and all manner of financial flows.
“They don’t just do this because it is required, but because it makes business sense.
“You cannot map your company’s future if you do not know your current state of financial affairs to the bottom line.
“Companies need to maintain the same birds-eye-view of their data assets, via a solid data governance strategy,” he said.
“Edokpolor said that there was the need to place approach to data governance within the context of a broader digital transformation.
According to him, the May 25 deadline for GDPR compliance is not a final destination.
“Rather, it is just one stepping-stone in an ongoing journey toward realising the full potential of digital transformation across economies and communities.
“Establishing a firm approach to data governance represents one of the smartest investments a company can make,” he said.