No Third Party Can Guarantee GDPR Compliance

No third-party IT vendor or supplier can guarantee GDPR compliance, according to Mike Irvine CEng FBCS CITP, Ricoh Europe PLC’s Vice President & General Manager for Software & European Programme Management.

Delivering his keynote address at a ‘Print Security & GDPR’ event hosted by Ricoh UK at its Broadgate Tower showroom in London in February, Irvine explained whilst products and services exist that can help on the journey, it is the responsibility of individual organisations to achieve GDPR compliance across a much broader spectrum of key areas.

A key theme running throughout the event was the proliferation of ‘empty offers’ from some IT vendors and suppliers, amid the ‘GDPR hype’, promising a lot but failing to explain fully how their solution adds value, and unable to deliver on the guarantee of GDPR compliance.

Mike Irvine CEng FBCS CITP, Vice President & General Manager for Software & European Programme Management, Ricoh PLC said: “No vendor or supplier can guarantee GDPR compliance, and that responsibility starts and rests with each organisation.

“Ricoh uses the CIA (Confidentiality, Integrity & Availability) principles of privacy and security in every product and service we develop. These principles are very important to all organisations when they are deciding how to improve the security of their information systems.

“Security is intrinsic to everything we do, the Voice of the Customer programmes we have really influence the road map and the priority of what is brought to market.”

According to Irvine and speakers from Nuance and M2, the three key components to achieving GDPR compliance are data minimisation, business process reengineering and continual improvement of IT security.

One specific area described as a ‘quick win’ for smaller mid-market organisations with fewer devices is print security – securing documents at the point of input (scan and capture) and output (print) – as one of the most important steps to achieving GDPR compliance.

Bill Forest, IT Director, M2 added: “It’s important to remember whilst IT vendors and suppliers can organisations improve their GDPR health, no one product or service will categorically make you GDPR compliant.”

The following two tabs change content below.

David Dungay

Editor - Comms Business Magazine