Axians clarifies GDPR integration with digitalization efforts

IT services provider Axians is offering guidance on how the General Data Protection Regulation (GDPR) intersects with ongoing digitalization efforts. The company aims to help organizations understand and implement the necessary data protection measures.

The GDPR, effective from May 2018, fundamentally changed how companies handle personal data. Axians emphasizes the regulation's core principle: the processing of personal data is generally forbidden unless there is an explicit legal basis or permission. This requires businesses to actively identify and document the exceptions that permit data processing.

Axians notes that digitalization has expanded the scope of personal data processing significantly. Even business-to-business (B2B) companies process personal data, for instance, concerning their employees, business contacts, or website users. This can include IP addresses, log files, or customer databases. Companies must identify all points where personal data is handled and ensure its protection.

The company also addresses the substantial penalties for non-compliance, which can reach up to €20 million or 4% of global annual turnover. However, Axians suggests that GDPR presents opportunities alongside risks, potentially leading to more harmonized data protection standards across Europe and offering competitive advantages to compliant firms.

Axians recommends a strategic approach focusing on organizational adjustments and process adaptation, supported by appropriate software. Achieving GDPR compliance involves employee awareness, revising internal workflows, and utilizing tools to locate and manage sensitive data. The company offers workshops and analytical services to assist businesses in assessing their current status and developing a clear roadmap for adherence.