The size of the IT industry in the top two EU member states—that is, Germany and France—is estimated to be around 155–220 billion USD.1 For the Indian IT industry to continue to do business in Europe, it needs to comply with the GDPR. In the event of non-compliance on the part of Indian companies, the GDPR imposes a penalty of 20 million EUR or 4% of a company’s global turnover.
Read more about what organisations need to do in order to comply with the GDPR here: How can Indian organisations prepare for the GDPR regime?
Indian companies need to carefully look at the requirements for GDPR compliance. They need to:
In addition to the above, organisations should focus on updating existing/deploying new technologies to help address key areas and challenges. Some of the leading practices include:
To conclude, the regulation and its enforcement may appear to be daunting to many organisations. There is also a cultural change in the way organisations are starting to handle personal data and provide services to their customers. Current developments and changes being proposed in our privacy landscape, coupled with strong technical capabilities, provide great opportunities for Indian companies to align their services and data handling processes to global standards and become market differentiators in the arena of data privacy and protection.
© 2018 - Sat Aug 24 19:11:28 UTC 2019 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details.