Around 60% of the 56 companies who participated in the survey called “The Impact of the New Data Protection Regulations” conducted by PwC Romania stated that the implementation of the requirements of the General Data Protection Regulation (GDPR) was ongoing right after it entered into force, on May 25. The PwC Romania report’s purpose was to measure the implementation level of the GDPR requirements among the Romanian companies. The document shows that 12% of the companies who participated in the survey stated that they have completed the implementation of the Regulation’s requirements by the date of its entry into force. Most of them (57%) have up to 200 employees and operate in the pharmaceutical, financial, automotive and energy fields. The companies appreciate that the departments that are most affected by the implementation of the Regulation are the Human Resources Department (25%) and Customer Relationship Department (25%). The following department in this ranking is the IT Department (21%), while the Sales Department is ranked the third (18%).Other mentioned departments, in small percentages, are the Financial Department, as well as the Marketing, Legal and Risk Departments. “The entry into force of the Regulation caused a change of paradigm in the management of databases. We have noticed that certain fields of activity which are accustomed to the regulations that are specific to the information security (for instance the financial and telecommunication fields) have gone easier through the evaluation process of the impact of GDPR and started earlier to implement its requirements. It is extremely important to mention that the compliance process was not completed with the entry into force of the Regulation. A fair and complete analysis must be made on the internal processes and of the manner by which the information that was considered customary until recently is accessed or processed by a company”, stated Manuela Guia, Partner and Leader of the Legal Compliance and Data Protection Services Team, D&B David si Baias. The participants in the survey stated that the most common measures to implement the Regulation consist of adopting a data protection internal strategy or procedure (19%), or revising and adapting the internal procedures as a whole, in order to comply with the GDPR (19%). These solutions are preferred particularly by the companies operating in the financial services, retail and industrial production fields. Other mentioned measures include the improvement of the IT systems’ security (16%), the assessment of the contractual partners to which personal data is transferred (14%), the internal appointment of a person in charge with data protection (14%), the implementation of specific technologies (8%), the implementation of structural changes inside the organization and the appointment of a person in charge with the protection of the data sent outside the company (5%). As for the compliance with the Regulation’s requirements, 32% of the companies stated they are using or they intend to use automatic solutions in order to search and find personal data within the company. The same percentage of companies are using automatic solutions to detect and monitor the incidents and events with an impact on the personal data security. The list of the technologies used is completed by automatic solutions to detect and prevent the loss of personal data (28%). The companies operating in financial services, automotive, energy and pharmaceutical fields stated they use such technologies most often. “Our analysis shows that more and more companies appreciate that not only complying with the Regulation is important, but also strengthening, on this occasion, the protection of their own data against any possible cyberattack. However, the existence of a technology and its installation doesn’t always provide the necessary protection. It is necessary to build a system which integrates procedures and technologies that must work together in order to make the compliance process to be efficient. Of all these, the most important and at the same time the most easy to be defrauded is the user, the human resource. Continuous training and testing of the user for different scenarios is the most important issue related to a cyber security strategy. Even the most advanced prevention technology is totally inefficient when it is used by a human factor which is untrained or uninformed about the possible cyberattacks”, stated Mircea Bozga, Partner and Leader of the Risk Assurance Department of PwC Romania.
The post PwC Romania report: only 12% of the companies have completed the implementation of the GDPR requirements by May 25, 2018 appeared first on Nine O' Clock.
The 2025 edition of the year’s first major film fest in Europe (and one of the biggest worldwide), the Berlin International Film Festival, took place between 13 and 23 February. My notes come with a bit of delay, as I was also hit by the festival flu that got so many of us sniffling and […]
In the absence of current negative influences, Romania’s economy could have an annual growth potential of 3-4%. Political instability and global geopolitical risks are dampening growth. Economic growth in 2024 was driven by wage increases and accelerating consumption, satisfied however largely through imports. Due to a decline in domestic economic competitiveness, net exports contributed negatively […]
The Bucharest Stock Exchange (BVB) announced on Thursday, March 13, the launch of a new financial education section on the BVB Research Hub platform, dedicated to retail investors. The capital market operator said that it started this project out of the need to increase the level of financial education and promote the investment culture. It […]
The Romanian governing coalition's presidential candidate, Crin Antonescu, announced on Thursday, March 13, that he is launching a podcast designed to popularize his candidacy before the May elections. Antonescu, who is backed by the alliance made up of the Liberals (PNL), Social Democrats (PSD), the Democratic Alliance of Hungarians (UDMR), and the minorities, stated that he will […]
Some 4,500 teachers will learn about rights and responsibilities online, accessibility, inclusion, online well-being, and ethics as part of Incubatorul Civic Digital (ICD - The Civic Digital Incubator), a digital citizenship and democratic culture project implemented by Institutul Intercultural Timișoara, Asociația TechSoup and Școala de Valori. The project, which offers free training, is aimed at […]
Mihaela Murariu, Attorney at Law at Grecu Partners Business Law Firm, analyzes the impact of Artificial Intelligence on personal data protection. Artificial intelligence (AI) has become a ubiquitous technology, used in more and more fields, from marketing and healthcare to recruitment and financial services. However, the widespread use of AI raises numerous questions about privacy […]
