Intelligent CIO Africa Issue 43 - Page 31

TALKING business ‘‘ At the onset of April 2016, the European Parliament approved the General Data Protection Regulation (GDPR), replacing its outdated Data Protection Directive which was introduced way back in 1995, and the legislation brought into force on 25 May 2018. The uniformity in GDPR makes it unique; unlike a directive that allows each of the 28 members of the EU to adopt and customise the law to the needs of its citizens, GDPR requires its full adoption with no leeway making it compulsory for every country to comply with. It applies to any organisation having data of European citizens. All organisations in the Middle East and Africa with any connection to Europe – whether through customers, affiliates or business partners – are impacted by the GDPR. The steps complying to the GDPR are supplemented by existing measures that many corporates in the region had adopted as a matter of good practice or to comply with local regimes. Need for a law against data collection A lot of organisations solely depend on customer acquisition via data collection that helps them to target and retarget their potential customers if they missed out on converting them before. Google, Apple, Facebook and Amazon hold huge amounts of customer data and frequently have been under the scrutiny of their users regarding the amount of data these organisations seek. The introduction of GDPR plays a pivotal role in the awareness of consumers and where they share their data now. Antoine Harb, Team Leader Middle East and North Africa at Kingston Technology, said: “GDPR regulations would keep a lot of companies under check when it comes to regulating data. Also, GDPR could serve as a catalyst for nations in the Middle East to enforce stronger privacy protections and breach disclosure requirements.” Organisations take a step forward in educating their employees When such stringent laws are there to protect consumer data; it becomes imperative for the organisations to instill Antoine Harb, Team Leader Middle East and North Africa at Kingston Technology “ WHEN SUCH STRINGENT LAWS ARE THERE TO PROTECT CONSUMER DATA; IT BECOMES IMPERATIVE FOR THE ORGANISATIONS TO INSTILL ETHICS INTO THEIR EMPLOYEES. ethics into their employees. An educated workforce is less likely to contravene good practice on data protection. It is a vital step in ensuring that your employees understand the moral code of conduct of not breaching consumer data. Employees must be involved in the dialogue about how the organisations INTELLIGENTCIO 31