The EU’s new General Data Protection Regulation (GDPR) sets forth a “lawful basis” for collecting and processing personal information. It will require most organizations to significantly improve data management and security, but most organizations are not ready to comply, especially with the requirement to demonstrate compliance. Fortunately, a company’s existing GRC tools, which are designed as central repositories for documenting and reporting on internal governance activities, can help organizations quickly implement the tracking processes necessary to…
