- March 23, 2021
CEELM’s Checking In feature editor, asked Data Protection experts the following question: Overall, how compliant would you say economic agents are with relevant local regulations on data protection, and what are the main gaps that have yet to be addressed?
Generally speaking, the majority of economic agents are expected to have already completed or at least have long-ago-initiated a compliance program to follow suit with the EU and Greek data protection legal frameworks, following, in particular, the GDPR enactment in May 2018.
However, such compliance is of a dynamic nature, requiring constant effort, even on a daily basis, and cannot be exhausted as a one-off project, especially taking into consideration the continuous developments in the field, mainly arising from the regulatory framework, as supplemented by instruments issued by the competent supervisory authorities (e.g. guidelines, recommendations).
It is necessary to have compliance programs evolve, moving from a baseline of compliance to a more mature level, including audits. Some businesses seem content enough with remaining at a limited compliance level, which they would have reached two or even three years ago. However, they fail to realize that the biggest challenge is the continuous monitoring of their compliance status, which, most likely, may now be incomplete and out of date.
Panagiotis Tampoureas, Senior Associate, DRAKOPOULOS