"Time is a very precious commodity to all industry practitioners in operations and making time in a busy schedule to attend seminars and market events is extremely difficult. This journal brings thought-provoking articles and peer opinions to your desk and enables the time-constrained practitioner to gain an insight into market issues covering a wide range of topics. There are only a few journals with an operational focus; being peer reviewed ensures it has relevance and worth reading."
The General Data Protection Regulation: A Myth-buster
Click the button below to download the full text of the article.
Abstract: The General Data Protection Regulation1 (GDPR) is an undeniably complex piece of legislation. Privacy professionals everywhere, the present authors included, have a lot to learn and — thankfully — there have been many excellent articles written on the topic. For the most part, these focus on the changes that the GDPR will bring about and, specifically, the compliance actions that organisations must take. By contrast, less has been said about what the new law will not require. This might sound unsurprising (why would anyone want to know about things they do not need to do?) but it is important to remember that, during the course of its adoption, the text of the GDPR changed many times. As a result, some provisions that were originally proposed were dropped from the final law (or otherwise changed beyond recognition), and this inevitably created a certain amount of confusion. Then throw in a sprinkling of occasional misreporting, together with a chain of misinterpretations, and suddenly knowing what the law does not require becomes almost as important as knowing what it does require. Below, this paper sets out — in no particular order — a few of the most common misconceptions regarding the GDPR.
Keywords: GDPR, data protection, regulation, compliance