Data Management: The Missing Link in Preparing for Data Privacy Regulations
Abstract
Recent data privacy regulations have created a shift in the balance of power of data from businesses to the individual. The EU’s General Data Protection Regulation (GDPR), enacted in April 2016 with a two-year grace period and enforcement starting on May 25, 2018, and the California Consumer Privacy Act (CCPA), enacted one month later with an effective date of January 1, 2020 — with a 12-month look-back period — mean that protecting personal data is the new normal, compelling businesses around the world to re-examine how they gather, store, process, and disclose information.