BUSINESS INSIGHTS
WHILE GDPR MAY NOT BE PERFECT LEGISLATION , THERE IS NO DENYING THAT IT HAS BROUGHT ABOUT A LANDMARK CHANGE IN HOW BUSINESSES COLLECT , PROCESS AND STORE PERSONAL DATA .
the overlap between various regulations to avoid redundancies .”
However , others point to the potential benefits of new legislation . “ As the government now has the opportunity to tailor legislation that is focused within specific market sectors , potential reforms can help organisations to achieve their goals where GDPR has been
too restrictive , preventing growth and prosperity ,” explained Vicky Withey , Head of Compliance , Node4 .
She added : “ The UK government understands the importance of protecting privacy rights to maintain the free flow of personal data across the EU . Still , it will also consider that data protection standards vary globally , and as a result , plans to introduce a Data Protection Reform Bill will be eagerly anticipated by organisations , legal and compliance bodies alike .”
Data protection in the world of AI
Whatever the legislation , it ’ s clear that a new challenge is dawning in the form of fast evolving technologies such as AI . Existing regulations have already begun to adapt to suit the needs .
Asha Palmer , SVP Compliance Solutions , Skillsoft , points out that in many ways , GDPR has been able to adapt to deal with AI . She noted : “ Because of GDPR , regulators have collected more than € 80 million in AI-related fines alone . Its strict regulations has many companies now considering best practices for making AI GDPR compliant .”
However , she added : “ As generative AI tools such as ChatGPT take the world by storm , organisations need to develop and update governance around its usage in the workplace , considering the security , privacy , confidentiality and ethical implications .
“ Creating a holistic generative AI governance structure that is sustainable , trustworthy and transparent will require shared accountability between those developing the tool and those using it . All stakeholders must come together to understand the risks and consider what protocols are , or should be , put in place to ensure GDPR compliance .”
Jakub Lewandowski , Global Data Governance Officer , Commvault , agreed . He said : “ With LLMs set to revolutionise the world , we can expect to see additional legislation to regulate its use and ensure data continues to be protected .”
He concluded : “ The UK Data Protection and Digital Information Bill ( DPDI Bill ), that will ultimately replace UK GDPR , is already more extensive in its regulations around automated decision-making , while an AI Act has already been proposed in the EU too . Luckily , the experience that privacy professionals gained through building and implementing GDPR frameworks will be a great starting place when the time comes to undertake a similar process with AI .” x
68 www . intelligentcxo . com