Welcome to our video series, innovators in Privacy Tech! At our global user conference in London, PrivacyTECH, we interviewed the best and the brightest minds in the privacy industry for their insights on everything from the California Consumer Privacy Act (CCPA), the future of privacy, how to achieve sustainability in your privacy program and more.

Today we have Lawrie Siteman, Director at GDPR Specialists. GDPR Specialists is an organization of certified specialists for orchestrating the people, the policies, the procedures, the data sharing agreements and information surrounding the GDPR, its meaning, and its use. GDPR Specialists helps organizations manage the changes needed to take them to a compliant status.

Best Practices for Life after GDPR

Siteman notes that now since we’ve moved on from 5 months after the start of GDPR, one of the things that data protection officers can start to look at are the more tricky areas, the areas that might be more risky or that they might’ve overlooked, such as data transfers to India, China and other countries that have a less rigid control over the data protection side for personal data. Those areas- India and China do need to be carefully looked at, especially with the legal requirements to guarantee that the contracts are honored properly. According to Siteman, if you have support in a foreign country, then screen scraping, for example is considered a data transfer, which not a lot of people would consider. There’s not a very high level of risk there, because there’s only one screen of personal data at a time, but it is a risk to the organization that they should take care of.

One of the things that Siteman says companies should consider, is using specialists who can advise them in the areas where they may not be very well versed. One of the things he’s noticed speaking to many companies is that they are experts in their own areas, but they are not experts in the legal side or in the GDPR ramifications and the challenges that they could face. Having spoken to the ICO, Siteman notes that we know that they’ve got a friendly approach, unlike some of the other data protection agencies abroad. They want to encourage correct protection of personal data and they do that in very gentle ways. Elizabeth Dunham (UK Information Commissioner) is a particularly well versed individual in enhancing the ability of companies to comply with GDPR and protect personal data all the time.

Stay tuned for our the next Innovators in Privacy Tech post and visit our LinkedIn, Twitter and Facebook.  For more information, request a demo today and learn why OneTrust was named a leader in the Forrester New Wave™: GDPR and Privacy Management Software, Q4 2018