UK 
United States
Organisations are being forced to pay attention to the way they handle data, with the incoming General Data Protection Regulation (GDPR) requiring that businesses demonstrate compliance, come May 2018.
Although there is widespread awareness of the regulation, and firms have begun taking measures to become GDPR ready, there is a lack of information on who, exactly, should be spearheading this movement towards rigorous data protection.
Whilst governing bodies worldwide have enacted different data protection regulations across varying industries, there is no individual or team solely responsible, as GDPR will impact all areas of business.
During a recent webinar, Alan Calder, Founder & Executive Chair of IT Governance, pointed out that GDPR must be applied with the same approach given to health and safety. Accountability starts with the Board, who should ensure the firm is on the corporate risk register, and the Board should nominate responsibility to a Director to apply GDPR.
