We live in a world where the volume of data that is shared every day is growing at an incredible rate. It is expected to continue to grow over the next few years and into the future, highlighting the importance of handling data in the correct way. The majority of data consists of unstructured electronic information such as messages, emails or photos, which means that it is not stored in a structured database.
Businesses will be required to document all personal data that they hold under GDPR. They will also have to document its origin and where it has been shared. If businesses are unable to do this by May 2018, they may be required to create an information audit.
As part of GDPR and to ensure they compliance, businesses will have to maintain a high level of data hygiene. Therefore, they will be expected to put the correct measures in place to ensure that they meet the basic principles of data protection. This could include the likes of pseudonymisation, data minimisation as well as maintaining a high level of security as an ongoing concern. Under GDPR, managing data badly can lead to severe fines and that means that data security policies are no longer enough because they have to be seen to enforce them and communicate them.