Challenges and Opportunities in Planning and Impact of GDPR

Added on -2020-02-24

| 31 pages| 7491 words| 50 views

Trusted by 2+ million users,
1000+ happy students everyday

Showing pages 1 to 8 of 31 pages

Assignment One1CHALLENGES AND OPPORTUNITIES IN PLANNING AND IMPACT OF GDPRIMPLEMENTATION ON TWENTYCIStudent by (Name)Professor’s (Name)CollegeCourseDate
Assignment One21. Executive summary General Data Protection Regulation (GDPR) has in the present UK meant to replace theold data protection regulation of year 1998. The UK data protection act was passed by the 1995EU Data Protection Directives and attracts various immense fines for non-compliance and breachof the act by any organization. The act also presets rights to various clients on what and what notfirms managing their personal data can do with their personal data. The main aim of theimplementation of General Data Protection Regulation (GDPR) is to allow more rights to thepeople on how their personal data can be used and many of companies are yet to face challengesand also have various opportunities at the same time. The implementation of the General DataProtection Regulation (GDPR) implementation by TwentyCi will shake the operations of thefirm, management, leadership, timing and survival of the organization as key business deals arepersonal data. The content of this report therefore majors on the discussion of various challengesand opportunities which TwentyCi will experience due to General Data Protection Regulation(GDPR) implementation. Implementation of General Data Protection Regulation (GDPR) presents opportunities invarious sectors in the management, company survival, and finance and in other sectors within theorganization. However, the organization is likely to face challenges in direct marketing, supportemployee information as well as within the technology information area and finance. As result ofthe challenges and opportunities, the content further presents recommendations for General DataProtection Regulation (GDPR) implementation planning. The organization is recommended to
Assignment One3offer proper training to their workforce on the changes made within the system by the newregulation. The report concludes with another recommendation that the organization shouldemploy smooth implementation process with an understanding that the personal data of citizensin UK is protected.Table of Contents1. Executive summary.....................................................................................................................22. Introduction..................................................................................................................................43. Analysis.......................................................................................................................................53.1 Challenges and opportunities of General Data Protection Regulation (GDPR) implementation.............................................................................................................................53.1.1 Business Reputation........................................................................................................53.1.2Survival............................................................................................................................73.1.3Timing..............................................................................................................................83.1.4 Volume............................................................................................................................93.1.5 New Opportunities..........................................................................................................94. Conclusion.................................................................................................................................115. Recommendation.......................................................................................................................12
Assignment One4Assignment one 2. Introduction The content of this paper provides information to TwentyCi an organization which islikely to face challenges and opportunities due to the full implementation of GDPR by 2018.The content also discusses the General Data Protection Regulation (GDPR) with regards toTwentyCi as an organization that handles EU citizen’s personal information and doe marketingthrough the use of phones and mail. TwentyCi as one of the organizations which deals with dataand information according to the case study should comply with the General Data ProtectionRegulation (GDPR) by 25th May the year 2018. Various business organizations such asTwentyCi due to the constant changing nature of the market has over the time relied on personaldata for the development (Carey 2009). The company based on the their choice of operationsmust therefore comply to the various demands set by General Data Protection Regulation(GDPR).The compliance with the regulation will therefore ensure the effectiveness of the workdone by TwentyCi and increase and sustain high level of performance. General Data Protection Regulation (GDPR) according to the analysis almost similar tothe UK Data Protection act of 1998 and will affect all the organization which will have notcomplied by 25th May 2018. This therefore means that the main obligation and line of operationsby various organizations dealing with data is gathering of the data. If the organization can
Assignment One5explain clearly the reason why they are accumulating data and to what level they are doing so,the organization to this perspective is in very much compliance to regulations except for variouspolitical inclinations, opinions of religion as well as generic data. The regulations also demandsdeletion of data after its main purpose is meant. Being that TwentyCi as an organization fullyrely on collection of personal data, the regulations will therefore affect the firm’s customerrelation management (CRM), direct marketing, support service providers, financial managementsectors, support employee information as well as information technology. The implementation ofGeneral Data Protection Regulation (GDPR) will also present various opportunities as presentedwithin the discussion below. TwentyCi is one of the organizations which is controlling the dataand information industry in the UK and failure to prepare for the implementation of GeneralData Protection Regulation (GDPR) may destroy the company reputation in case other firms planis perfect compared its plan (Christer 2017). The implementation of General Data ProtectionRegulation (GDPR) will require TwentyCi to change the management system in order to complywith the demand of the regulation and maintain their reputations. The company will thereforeimprove and make appropriate changes on how to manage 3. Analysis 3.1 Challenges and opportunities of General Data Protection Regulation (GDPR) implementation 3.1.1 Business ReputationThe full implementation of the General Data Protection Regulation (GDPR) will resultpresent a lot of challenges and opportunities in relation to the survival of the TwentyCi as anorganization dealing with the gathering of data in UK. In relation to the reputation of the
Assignment One6organization, failure to fully prepare for the implementation may destroy the organizationsreputations. However, with proper planning and preparation for the full implementation of theGeneral Data Protection Regulation (GDPR by 25th may 2018 will result into an improvedorganizational reputation. Making proper changes in terms of management and organization ofthe human resource sector within the firm to secure reputation is one of the challenging issuesthe organization have to deal with before 25th May 2018. In order to secure the customer trustand loyalty which rely much on the firm’s reputation, TwentyCi will have to and must adopt amuch strict as well as costly process in dealing with data. The management of the organizationwill have to appoint skilled labor force to ensure that the firm’s reputation is maintained duringthe implementation process and after the implementation. The process of preserving theirreputation and the desire to remain at the top of the game is likely to be cost and may reflect onthe cost of service provision. Increased prices may in turn not be taken positively by some customers leading toreduced loyalty and poor reputation of TwentyCi as an organization. The cost of maintaining anorganization such as that of TwentyCi which is one of the top marketers in UK is high and themanagement of the organization has a serious obligation to meet. TwentyCi will have to reviewtheir whole system to comply with the requirements of General Data Protection Regulation(GDPR). The review of the whole process as already mentioned is likely to reflect to the cost ofoperations increasing the sales price. When sales prices of the services offered by a leading firmin the industry increases, the reputation of the firm goes own as it may lose customers to otherfirms destroying its reputations in the local market an internationally. The reputation of the firmis directly linked to the number of customers, where there few customers the reputation of the
Assignment One7company goes down. For TwentyCi to maintain their reputation as one of the top marketers inthe industry, the organization must develop a plan on how to cost effectively implement DataProtection Regulation (GDPR). 3.1.2Survival The survival of any organization in an industry highly depends on various factors withinthe industry and the general market. With the scale of the fine indicated within the DataProtection Regulation (GDPR) requirements, the survival of any firm within the marketersindustry has been threatened. The set penalties by the Data Protection Regulation (GDPR) forthe breach and non-compliance is quite high for any firm caught or not caught on the wrong sideof the regulation by GDPR. TwentyCi survival is therefore at a stake due to the high penalties onany offense in relation to Data Protection Regulation (GDPR). This is because any firm withinthe marketer industry is responsible for the transgression of Data Protection Regulation (GDPR)requirements. The survival of any firm while preparing and implementing the requirements ofData Protection Regulation (GDPR) is at a stake based on the kind of transition a firm has to gothrough before becoming in full compliance of the set regulation (De Hert and Papakonstantinou2012). TwentyCi being one of the firms in UK preparing for the implementation of DataProtection Regulation (GDPR) will have to go through a full transition to meet the regulations,the organization will have to absolutely renovate their system of gathering data, processingmethods, securing and storage of information, sharing and securely delete a personal data. Therenovation of the system will require a special team whose main objective is to manage Data
Assignment One8Protection Regulation (GDPR) for the company to survive. Data Protection Regulation (GDPR)has similar requirements meaning same standards for all firms within the industry. With similarstandards the survival of TwentyCi is threatened based on the increased competition as a resultof similar standards. The organization should therefore invest a lot on the appointment andestablishment of a right team which is a key factor to the firm’s survival and successful DataProtection Regulation (GDPR) preparedness (De Hert and Papakonstantinou 2012).. The organization will therefore be faced with several challenges in relation to thepreparedness and survival. TwentyCi should come up with a proper management team to remainat the top of the game which requires training and this may be a challenging to the firm toappoint. 3.1.3TimingTwentyCi is one of the organizations which are required by the Data ProtectionRegulation (GDPR) to comply with its regulations prior to 25th may 2018. There are only a fewmonths left and TwentyCi will need to come up with new policies and proper planning, test theprocedure and the plan in order to ensure that they are able to comply fully with various datarights within the time limits. The timing may be challenging to the organization based on thenumber factors they have to consider while preparing to implement Data Protection Regulation(GDPR). In such cases of urgency the firm will not only be required to make importantinvestments financially but consider investments in time as an important factor (Gilbert 2011).The process will involve portability of data thus time is required. The preparation for theimplementation of Data Protection Regulation (GDPR) will affect various sectors within the firm

Found this document preview useful?

You are reading a preview
Upload your documents to download
or
Become a Desklib member to get accesss

Premium

$45

Q&A Library Access

Chat support

12

Document Unlocks

4

Answer Unlocks

Students who viewed this