I can already see the headlines that move IT managers next week: "100 days until the GDPR is getting valid."
Do these "100 days" really hit the mark? I do not think so.
It's not the 100 days to 25 May that are important. Your attitude to privacy exactly after those 100 days is crucial. Whether you want privacy as a matter of course or as an annoying duty you have to comply with in order to avoid fines and reputation risks.
It is certainly important to actively support your own implementation project in the remaining time. But remember, privacy is not a project that's over in 100 days. It is an everyday challenge that will accompany you from now on.
My idea is to see data protection as an integral part of every personal data processing from now on. At least in Germany, you are fulfilling nothing less than a fundamental human right. And if you do the right way, then it will give you a competitive edge.
I wish everyone good luck with the implementation of the GDPR.
Ingo Goblirsch LL.M.
Datenschutz & Informationssicherheit