How utilities can prepare for GDPR

Changes to the governance of data which come into place in May 2018 will have far-reaching consequences for many businesses. The general data protection regulation (GDPR) will determine how businesses do business, and particularly how they manage, protect and administer data in the future. This is going to be a big challenge for the utilities sector in particular as they hold large amounts of customer data.

What utilities should consider

Ahead of May 2018 utility companies should be working towards compliance in a structured manner. This may include:

  • rolling out GDPR awareness programmes across the business; 
  • ensuring representation and input from all key business functions;
  • data mapping all personal data flows in and out of the organisation;
  • creating an information asset register; and
  • undertaking a gap analysis against the GDPR compliance requirements, including consent notices, privacy impact assessments and contractual arrangements with 3rd parties with whom personal data is shared.

Find out more about the general data protection regulation.