A few weeks back I wrote an article for the British Computer Society (BCS) on GDPR compliance and the potential under-utilisation of IT professionals in GDPR compliance programmes.

Some of the key areas for IT professionals to potentially get more involved include:

  • enhancing the technology behind privacy notices on websites, mobile devices and IoT devices, such as through the use of appropriate XML scripting
  • development of a seamless mechanism to achieve "explicit consent" via an online, secure mechanism that has the property of non-repudiation
  • helping with the risk analysis process, utilising skills from information security risk analysis
  • "upskilling" to gain privacy qualifications
  • using software engineering concepts and methodologies to implement "privacy by design" and "by default"

Find out more via the BCS website article.

{ What can IT professionals do to help?