Editor’s Note: This post was originally published in August 2018 by insight.tech www.insight.tech.com
GDPR is a fundamental shift in personal data ownership—and it’s not just Europe. Falling like dominos, the adoption of similar privacy legislation is spreading. A case in point is the recently adopted California Privacy Act. And Canada, Japan, and Australia are implementing comparable legislation or updating their privacy laws to mirror GDPR.
Although companies have had two years to prepare for GDPR, many remained in the dark about the impact of the new rules on their business until those rules took effect on May 25 of this year. Many chose to take a “wait and see” approach. “It hasn’t been a reality until now,” explained Jerrod Bailey, chief strategy officer for IntraEdge, maker of GDPR Edge, an enterprise compliance solution.
“We have companies that have come to us since the May 25th deadline and in some cases, they have received 10,000 requests in the first week. These companies were prepared for tens, a dozen requests. They weren’t prepared for 10,000.”
The punitive risks are substantial, with fines up to €20 million or 4 percent of annual global revenue, whichever is higher. Especially in the retail industry, the search is on for a path to meet at least the minimum GDPR regulatory requirements. One that is quick, with minimum disruption, won’t cost an arm and leg, and will deal with future changes in both the regulatory and system environments.
Giving Retailers the Edge on Compliance
In partnership with Intel®, IntraEdge built Truyo, previously GDPR Edge—a unique solution designed specifically to address the requirements of the regulation. The system uses highly secure blockchain technology to protect data and enable compliance throughout multiple touchpoints, which can be especially important to retailers.
“One of the major areas where retailers are collecting data is at the point-of-sale,” explained Bailey. “A lot of retailers just don’t have any compliance solutions for point-of-sale. We have the ability to integrate about 98 percent of the point-of-sales systems out there.”
The company was able to help one online-only retailer automate compliance across all its brands in the EU. In eight weeks, the retailer had three primary and independent systems feeding diverse customer information into a single data lake. As consumers interact with the brand online and make purchases, transactions receive a unique tag, so they can be easily found. The process allows the retailer to demonstrate compliance with critical elements of the GDPR, with a minimal burden on operations and at a fraction of the cost of developing a custom solution.