GDPR implementation is harder than expected

Author: Olly Jackson | Published: 26 Oct 2018

Implementing the General Data Protection Regulation (GDPR) has been harder for companies than initially thought in spite of it being widely acknowledged as one of the most wide-ranging changes to data protection ever.

"The exponential increase in individual requests for accessing data and deleting data has caught many organisations by surprise," said Eduardo Ustaran, partner at Hogan Lovells.

While this may please regulators for showing that individuals are seeking to enforce their rights under the regulation, companies are also said to be over-notifying them in the event of a data breach, resulting in regulators being overwhelmed with work, as well as increasingly the likelihood of companies being penalised heavily.

Uncertainty also surrounds the various categories of data companies are expected to retain, and the various legal regimes and limitation periods for the data they hold....