European Union implementing General Data Protection Regulation (GDPR) later this week presents a golden opportunity for India to build capabilities and create new lines of consulting businesses, and drive thought leadership in the global market, tech giant Microsoft said.
GDPR, which comes into effect from 25 May 2018, will bring in strict data privacy laws that aim to strengthen and protect the data of individuals within the EU and also deals with export of personal data outside the region. “The GDPR is the biggest change in European data protection laws in more than 20 years… It designates individual choice as a priority over everything else…It will govern how organisations within and outside the EU will collect, manage, process and protect personal data while respecting individual choice,” Microsoft India President Anant Maheshwari said in a blogpost.
He added that in February 2017, the Redmond-based company had said it would be GDPR compliant across its cloud services by the deadline. “To me, this is a golden opportunity for India to drive thought leadership in the global market. We can build expertise and capabilities, create new lines of advisory and consulting businesses develop a market differentiator and be a source of competitiveness,” he pointed.
Maheshwari pointed out the significant pace at which India is going towards cloud migration. “With millions going online for the first time, protecting their vulnerabilities cannot be compromised in our long march forward. The Supreme Court of India demonstrated its commitment to its citizens when it declared privacy a fundamental right last year, and now the onus is upon us as an industry to play our part,” he said.
Maheshwari said the company has over 300 full-time engineers focused on GDPR compliance and has adopted over 30 controls based on the new rules. The company has made significant investments in its products and services to help customers with GDPR compliance within Azure, Office 365, Windows, EMS, SQL Database and Dynamics 365, he said.
“We have been helping customers be GDPR-ready in time by providing the best data governance, security, and privacy tools in the market,” he added. Srinivas Rao, CEO of cybersecurity firm Aujas, echoed similar sentiments. “India has evolved to become a technology hub equipped with deep expertise and GDPR could be an opportunity for Indian companies to stand out as leaders in providing privacy compliant services and solutions,” he said.
Jaspreet Singh, Partner at EY, said GDPR is a business problem and needs to be handled by cross-functional teams within the organisation and security would act as the enabling function to enhance the protection of data. “GDPR would require significant training for security managers as this earmarks a significant change in the way organisations process data. This requires cultural changes within the organisation to focus on privacy,” he told.
While many may be worried about the implications of the new regulatory era, in reality, it will create trust and provide good practices that will benefit both the individuals and the business, believes Forcepoint Vice President (APAC) George Chang. “These laws collectively present a positive business opportunity, when approached in the right way. Compliance can drive operational efficiencies, cost-savings and even fuel innovation,” he said. Besides, with strong data protection strategies in place, customers will place greater confidence in businesses, and businesses will minimise the all-too-common reputational and financial fall-out of a breach, Chang added.