On di.dk we use cookies for multiple purposes relating to functionality, web analyze, and marketing. If you continue, you accept cookies for these purposes. You can read more about cookies and change your cookie settings on this page.

Danish firms buy their way to GDPR compliance

Friday 25 May 2018 the EU’s General Data Protection Regulation comes into effect. Three out of ten companies in Denmark have paid for consulting services or hired extra staff in order to become compliant with the requirements, shows a new DI survey.
GDPR comes into effect on 25 May. A DI survey shows that 3 out 10 firms have bought their way to compliance.

Publiceret: 24.05.2018
Af Peter G. H. Madsen mail

The fear of enormous fines has boosted the demand for anything that can help companies get ready for the EU’s GDPR, which comes into effect on 25 May.

The internet is brimming with offers on everything from shredders to courses and consulting services for companies that do not feel that they posses the knowledge or tools necessary to comply with the new requirements for the processing of personal data.

It’s a busy time at law firm Plesner, says partner Michael Hopp.

“We’re surprised how late many people are taking action. It is all aspects of the new requirements people are asking us about,” says Michael Hopp, expert in data protection law, and adds:

“Some want us to do all the work for them. Some just want second opinions. But it’s getting a bit tight. It isn’t possible to take care of everything in just three days.”

See also: DI - You can trust Danish companies on personal data

Consultants are cheapest

A survey among DI’s members shows that many companies have had to look outside their own ranks to get a handle on the requirements in the new data protection laws.

In total, 30 per cent of companies say that they have either purchased consulting services and/or hired employees to ensure that they comply with GDPR.

One of the companies that has decided to bring in external consultants is Palsgaard Spær, which is Denmark’s biggest and oldest manufacturer of rafters.

“Essentially, it comes down to the fact that we do not have the competences necessary to ensure that we comply with GDPR ourselves. And since we don’t have the competences in-house, we’re forced to bring them in from outside,” says CEO Holger C. Hansen, and adds:

“Our calculations tell us that it’s cheaper to hire external help than to employ people ourselves to take care of it.”

See also: Dataprivacy - Only few companies are fully prepared

Lacking full understanding of new rules

At Palsgaard Spær, they have brought in external expertise from a local law firm, which is reviewing the entire business in order to locate shortcomings in the company’s processing of personal data – and in that connection, to identify what Palsgaard Spær can do themselves and where they will have to enlist help.

“There has been a lot of hype surrounding GDPR, and it’s something we’ve spent a lot of energy on. Currently, we do not have a complete picture of its implications, but we will,” says Holger C. Hansen.

Also Jutland-based Danlaser, which manufactures and supplies industrial metal solutions, has had major focus on how the company will comply with GDPR rules. The company’s management has familiarised itself with the rules and developed a policy, which has subsequently been reviewed with the advisory board, a supplement to the board of directors.

“We now have a clear policy for how we process personal data, and we have obtained signatures from our employees to confirm that they consent to our storing of necessary personal data,” says Pia Grandelag.

Don’t throw money at GDPR

According to Senior Consultant at DI, Morten Rosted Vang, it is important that companies carefully consider their needs for external support.

“It by no means all companies that require the help of consultants or lawyers to prepare for when GDPR comes into force. Naturally, there is a big difference between a big firm with several thousand employees and international sales and a smaller, more localised machine factory,” he says and adds:

“It is important, however, to note that no one can avoid dealing with personal data. It is essentially about creating a culture of better data discipline.”

Plenty of help for companies

With this in mind, DI has launched a comprehensive initiative to help member companies get ready. Among other things, DI has hosted a number of events, attended by over 2,000 companies in total. A special data protection website with guides and forms had also been set up, and DI’s lawyers offer legal advising and general guidance regarding GDPR.

“The goal is to reach 5,000 companies before May 25,” says Morten Rosted Vang.

It is his impression that companies now have far more focus on the processing of personal data than was the case just a few months ago.
“Earlier, many companies believed that the rules did not even apply to them. This is no longer the case. We are receiving very concrete and informed questions from member companies,” he says.

Clean up data

It is one thing, however, to be aware of the implications of GDPR. Complying with the requirements is a whole other story, and according to Morten Rosted Vang, it is unlikely that all companies will be ready by 25 May.

“The major challenge is to clean up data and delete the things that cannot justifiably be stored,” he says.

Partner Michael Hopp at law firm Plesner agrees with this assessment.

“There are definitely some companies that will not make it. In such cases, one has to focus on the most important part, and that is to be able to present an accurate privacy policy. You must be able to explain to employees, customers and partners what you use their data for,” he says.

See also: Blog - Time to boost EU's digital IQ

There are definitely some companies that will not make it. In such cases, one has to focus on the most important part, and that is to be able to present an accurate privacy policy.
PARTNER MICHAEL HOPP AT LAW FIRM PLESNER
More info
Kontakt image
Direct: +45 3377 4707
Mobile: +45 2291 5081
E-mail: morvdi.dk
Your e-mail address will be used solely for this newsletter subscription. You can unsubscribe at any time here.
PUBLISHED: 5/24/2018 LAST MODIFIED: 5/24/2018