As the 25 May 2018 deadline for the General Data Protection Regulation (GDPR) looms ever closer, organizations of all sizes are busy getting their houses in order, in a bid to achieve compliance.

The GDPR affects organizations that deal with consumers and businesses in EU member states, and will transform the way that personal information is collected, stored, used, disclosed and disposed of.

While meeting regulatory obligations is a must, there is a danger of seeing the GDPR as a one-off, ‘tick the box’ activity, rather than a deliberate move towards a privacy-conscious culture, where transparency, citizens’ rights and accountability become second nature to all employees.

In this brief paper, we discuss five issues for you to consider, as you seek to make privacy an integral part of the way your organization does business.