Although the privacy and personal data protection and the relevant needs for compliance with regulations have been at the forefront of the EU data economy market over several years, there is a perceived lack of easily usable tools to help especially SMEs/MEs, which still face multiple challenges related to data protection and GDPR compliance. Combined with the complexity introduced by data privacy, security, portability and governance requirements, the need for robust SME/ME-specific support measures are obvious and warranted. Although huge amounts are being spent by such enterprises to secure their data and achieve compliance, most of them remain unprotected both from data breaches/cyberthreats and the fines that may result from a lack of compliance.
IDIR is thus currently involved in the development of technological innovations which allow smaller enterprises to tap advanced cybersecurity capabilities, without allocating excessive financial or human resources. These innovations facilitate a digitally-assisted assessment of their current privacy and data protection risks, the drafting and enforcing of a unified GDPR-compliant privacy and data protection policy addressing the identified gaps; and, eventually, collecting, analysing and sharing critical privacy incident or data breach information over open-access platforms to facilitate both reporting to DPAs and responding faster to privacy-related threats.