The GDPR went into effect in May of 2016. Organizations were given 2 years to get compliant before regulators would start to hand out fines. So why aren’t they compliant yet? And why can’t they even get the most basic thing sorted like the opt-in and opt-out on their sites?
We all know those NDA’s they make you sign before sharing important and sensitive data. As a consultant I’ve always got one on hand and I hope it shows the potential client that I take their privacy serious. Weirdly enough, not everybody sees the need. Quite often I hear a potential client say “Oh no, I trust you. It’s fine”. But is it? I’m not saying I can’t be trusted, but as an organization you’ve got your due diligence to take care of. And getting people to sign an NDA is a large part of that. Here’s why.