Regulatory compliance

The regulation of data protection and technology has become more and more stringent over the years, becoming global in scope.

A clear example of this is the General Data Protection Regulation (GDPR), approved in 2018 in order to create a legal framework for the protection of personal data and its free circulation that is common to the whole European Union.

Organisations must not only abide by local laws, but national and international ones as well. From the moment they plan to develop a product or offer a service, and regardless of whether they or a partner sells it to their customers, all the parties involved must keep this regulatory framework in mind.

Artificial Intelligence and Big Data have stirred a new debate in the regulatory framework. Both have introduced an ethical component into the debate, with everything that entails.

In late 2021, an agreement was reached between the European Parliament and Member States to push forward with the draft regulation on Data Governance. It was intended to create processes and structures to facilitate the exchange of data between all relevant actors. In 2022, further steps were taken in this direction with a new regulatory initiative: the Data Law, which is called upon to transform the European regulatory framework to promote uniformity and security in the fair use and access of this asset.

Even through the law has not yet gone into effect and is still subject to change, it is critical that businesses start to take this draft law into account in their activity. This will not only make it easier for them to keep their portfolio up to date once this law is green lit, but it will also show their customers and consumers that they care about any information that is created.

Organisations are required to develop new internal governance standards due to the emergence of different cloud services, such as SaaS, PaaS, IaaS and others. This involves establishing mechanisms to maintain control of applications and resources.

The reliance that companies have on the cloud creates major governance challenges in terms of complying with the organisation’s directives and keeping the entire workforce on the same page. Governance must define roles and hierarchies in a framework of common policies. It affects people, infrastructure, security, technology and processes, and is fundamental to the proper operation of the company.