Europe [Bedrijfsinformatie]

  1. Thuis
  2. News
  3. Blog
  4. The GDPR and its implications on International Corporate Groups

The GDPR and its implications on International Corporate Groups

By Hervé Buttignol
By Hervé Buttignol
Information Systems Officer at Clarion Europe
With the imminent arrival of the General Data Protection Regulation (GDPR), compliance is at the forefront of all discussions.  In Europe of course, but also worldwide, this May sets the scene for the actual deadline.  Compliance with this mysterious acronym is an issue locally, that is being encountered by an unusual reaction within headquarters themselves, even if they are 10.000 km from Paris or Berlin ... Senior management is coming together to rethink their internal processes.

Internationally standardised Data Management

In order to comply with the GDPR, multinationals are facing a harsh reality. Introduced in different areas and subject to national legislation, until now, they implemented safety regulations and database management that was often diverse. Hence, the harmonisation of processes and compliance will require unequalled efforts in each of the countries in which they operate.Compared with other European entities, the German affiliates are clearly more advanced in this respect, having already incorporated the new European requirements in this area into their Federal Law on Data Protection since 25 August 2017 (New Bundesdatenschutzgesetz, German Data Protection Act (BDSG)).
For everybody, the GDPR should be viewed as a real opportunity to modernise the processes: Clean up their database and define the data controllers, providing quality and transparency of their databases.HR data, contacts of clients and suppliers, logistics documents: data that could be considered by the National Commission for Information Technology and Civil Liberties (CNIL) as sensitive can be found in every company.
The GDPR also obliges multinationals to think about the design of their ERP Systems and their intranet and the transmission of data. Is it necessary to transmit this automatically to the Head Office? Should we allow access to data from one country to other international entities? How do we reduce the amount of data being transferred?

Drawing on the Group's corporate culture: the example of Japan

To successfully effect all these changes, it would be interesting to reflect on how the Group’s corporate culture can contribute to this. Japanese companies have the distinctive characteristic of reacting immediately and in good time, in order to avoid any type of risk. For them, awareness material, reports and new confidentiality clauses are the vigorous means being deployed over the past few months, in order to avoid contravening the law. The process is already set in motion.

At the same time, the GDPR is not a one-off action, but a process that has started.

It entails continuous work throughout its period of validity, in particular with regard to respecting its users "right to be forgotten" (RTBF), that is to say, the obligation to systematically erase data that is not "necessary" for the conclusion of a contract, for example. Japanese companies, who place awareness and learning at the heart of any change, have true strength in this area: To transform, while at the same time, supporting its subsidiaries and services in this transformation process, with this personal attachment that differentiates them from so many other cultures.

The GDPR, a challenge for the future

Europe is not always among the top priorities of the large multinationals, who in their growth dynamic closely observe the leading markets that play a dominant role such as the United States, or the new vectors for development that include certain emerging countries. The GDPR was the opportunity to make our continent among the top priorities, by imposing an in-depth introspection on everybody. This requires an intense process of reflection in order to revise the rules for collaboration between the headquarters and the European entities ... but not only! This European requirement was first discussed with irony, perhaps even a touch of contempt by certain external observers. Nevertheless, global current affairs have caught up with the European warnings. The whole world understands the importance of the 25th May, which, we can assume, will be a reference date for everybody.
The challenge of the respect for privacy is not only a European issue, it is indeed global.  A few weeks would have sufficed for everybody to understand it.
  1. Thuis
  2. News
  3. Blog
  4. The GDPR and its implications on International Corporate Groups

Startpagina