< Return to Insights

GDPR and The Cyclist – Sophie Johnson

Clare Elliott, 10th August 2017

This week I caught up with an old friend of mine, Ian Field; 5x National Cyclocross Champion and current team GB rider. As we swapped stories, I started reflecting on my time spent as a professional cyclist vs my time finding interim talent for organisations; specifically in helping them become GDPR compliant. I can’t help thinking just how different these worlds are.

Professional athletes are professional planners, with a whole lot of research thrown in. Every eventuality is researched, planned for, and practiced- multiple times. Ian will know months in advance which events he wants to compete in, where they are and what the likely conditions will be. This approach unfortunately leaves the corporate world with much to be desired, as this week alone I have had 3 conversations with CIO’s who are not even aware of GDPR and the subsequent data/ IT implications. I’m left contemplating why businesses are not approaching GDPR with the same diligence, care and planning as winning a gold medal.

My research, with information taken from a survey of 800 independent executives tells me that 62% of Interim Managers working on assignment are not confident the organisation they are engaged with will be compliant by 25th May 2018 (GDPR compliance deadline), and only 45% think the Senior Leadership Team appreciate the cultural implications associated with such large-scale change. These statistics really surprised me- both the lack of confidence and sheer number of businesses not on track. Although there are several times as an athlete you momentarily doubt yourself, you never really doubt your process; and therefore carry an overall confidence in your ability to win. When talking to Ian it is apparent he fully understands the implications of training, life, sponsors, and other commitments and has fully factored these into his plan. The result being a confidence and deep rooted belief he will succeed again in winning the National Championships. Again I’m wondering when the corporate penny will drop?

It would appear that the GDPR legislation is going to require more attention and investment than the current levels, which is why WBMS have developed a bespoke candidate pool to help meet such demand, and are equipping businesses with the necessary skills to become compliant.

As an athlete, I never hesitated in asking for help and recruiting the best talent to help me achieve my goals. This wasn’t because I had an unlimited budget- far from it, but because I was 100% focused on achieving my objective. Research tells me 47% of organisations feel they don’t have the internal capability needed to deliver a successful GDPR programme; would it be right to assume they will take the same approach as myself, and ask for help?

For these organisations who have recognised the need to recruit, but not yet executed, I’m not sure where the reluctance in the market stems from; is it the pressure to cut costs, the focus on trying to innovate, or is it arrogance that they will be “GDPR immune”? Either way I feel that at a strategic level the difference between my old world and current is vast.

< Return to Insights

By closing this box you are verifying that you accept our cookie policy, view our policy here