Regulator Ready reporting means you have the capacity to efficiently generate required reports that clearly tell a story reflecting your organization’s GDPR compliance and accountability.
To understand the growing need for Regulator Ready reporting, imagine the following scenarios.
- In the first situation, your organization experiences a breach. Within a short period of time, and reactively, the Regulator is on your doorstep.
- In a second scenario, your organization has not had a breach or any other public privacy incident, but the Regulator comes knocking at your door, expecting to assess your organizations GDPR compliance.
- In the final scenario, you may be launching a new product or service that has privacy implications. Your organization initiates a meeting with the Regulator to provide assurance that not only is your product GDPR compliant but that you have considered privacy by design in the product itself as well as embedded it throughout your organization.
In any of these scenarios, you want to be able to deliver “Regulator Ready” reporting.
"Regulator Ready” is no longer theoretical
The Dutch Data Protection Authority began an exploratory investigation (Source: https://autoriteitpersoonsgegevens.nl/en/news/dutch-dpa-microsoft-breaches-data-protection-law-windows-10) into how well large organisations are complying with the GDPR. They will be asking specifically for evidence of a records of processing which is required by Article 30.