With the Winter Olympics in full swing I’ve been watching people doing ridiculous feats and speeds on ice and snow; it can all appear to be very risky. There have been a number of injuries, though nothing serious; the worst accidents tend to happen during practice for the competitions. For example, Shaun White, the winner of the Men’s Halfpipe, fell in New Zealand in 2017 resulting in 62 stitches (watch here – disturbing scenes) but came back to take his 3rd Olympic gold this week. These athletes don’t just stand at the top of a ski-run and throw themselves off on the day; they prepare, train, fail, fix and, when it counts, make the near-perfect runs.
Compliance should be considered an Olympic event. The General Data Protection Regulation (GDPR), specifically, is not something you want to throw yourself into in May 2018. It needs preparation, training, good fitness levels, trial and error and practice runs.
However, this appears to be the approach many organisations are taking; they either think that the new requirements are easy, won’t change how they do business or can be dealt with quickly just before the deadline. That is risky!
I’ve never been skiing but I can guess that:
- It’s not like anything I’ve done before, I will fail and need to learn new skills
- I will need to spend some money: equipment hire, ski-lifts, etc.
- I will not be starting on a Black run or going off-piste on the first day, or the second – probably not the first trip
- When I stand at the top of a slope, it will look far more daunting than it did at the bottom
- I may not enjoy the experience, I could get injured; I need to be fitter
Being ready for GDPR needs immediate attention; you need to get learning, training and preparing. Your “systems and thinking” need to be ‘fit’ for purpose and in place. You may need to invest some of your resources in understanding what you need to do, taking actions and monitoring your progress.
Your first “downhill event” starts on 25th May 2018 and your competitors are… well, your competitors.