Some large fines have been levied since the regulation went into force May 25, 2018, and the one-year mark represents an opportunity to review compliance progress to date and to consider what work remains to fully comply with GDPR requirements.

What many organizations have discovered through the implementation process is that timely incident response is critical and mitigating ever-present cybersecurity risks is essential to maintaining data governance integrity.


S-RM’s Jamie Smith and Alex Evans recently joined IAPP and MetaCompliance to  discuss their thoughts on the last 12 months from a GDPR perspective:

  • Now that the dust and hype have settled, what GDPR activities are organizations currently focusing on?
  • What are the main challenges they faced in gearing up for compliance and during this first year of the regulation being in effect?
  • What part does cybersecurity play in mitigating privacy risk?
  • What are the essential elements of an incident response strategy?






Dave Cohen, CIPP/E, CIPP/US, Knowledge Manager, IAPP
Jamie Smith, Board Director, S-RM
Alex Evans, IT Security Consultant, S-RM
Robert O’Brien, CEO, MetaCompliance