The ‘way of the Japanese’ could help companies adhere to the new European data rules.
That is the view of Herve Buttignol, information systems officer at Clarion Europe, a Japanese manufacturer of car equipment such as navigation systems which is majority owned by tech giant Hitachi.
The General Data Protection Regulation comes into force today. Companies have had two years to overhaul their internal data sharing processes to ensure their organisation is fully compliant.
“One of the most difficult changes to implement is not necessarily a technical one,” Buttignol told BusinessCloud. “Corporate culture goes a long way to determining the manner in which international businesses operate – especially in terms of data protection.
“Clarion is a subsidiary of Hitachi and has a distinctly Japanese culture focused on awareness and preparation.
“GDPR is not a one-off action but an ongoing process.”
To comply with GDPR, multinational companies are facing a harsh reality – and potentially fines of up to four per cent of global annual turnover or €20 million, whichever value is greater.
However Buttignol says the rewards at the end of the process will be significant for those who make a great effort to clean up their processes when it comes to data.
“Until now they have only been subject to national legislation,” he continued. “The result was systems and data processing policies that varied from country to country – sometimes significantly.
“However there are many international corporations who view GDPR as a real opportunity: to clean up their databases and define the data controllers; to improve the quality of customer relationships and the transparency of the data they hold.
“Every large business will hold data that could be considered as sensitive – whether that is HR data, client and supplier contact information or logistics documents.
“Suddenly, global companies are asking questions many have never considered before: Is it necessary to transmit this automatically to head office? How do we reduce the amount of data being transferred? How can we secure data in case of a cyber-breach?
“Strangely, by imposing an in-depth self-examination into the way businesses operate, GDPR has presented an opportunity to make Europe a focus; creating a beacon for improved relationships between some of the world’s biggest organisations and the wider population.”
He says that from a technical perspective, there are three things all multinationals should be doing to ensure compliance.
“They must improve the management and security of data, including regular reviews – and respect an individual’s ‘right to be forgotten’.
“They must limit unnecessary data transfers and ensure any data sent is encrypted.
“And they must inform relevant people and organisations immediately in the event of a data breach.”