A few weeks back I wrote an article for the British Computer Society (BCS) on GDPR compliance and the potential under-utilisation of IT professionals in GDPR compliance programmes.  

Some of the key areas for IT professionals to potentially get more involved include:

  •  enhancing the technology behind privacy notices on websites, mobile devices and IoT devices, such as through the use of appropriate XML scripting
  •  development of a seamless mechanism to achieve "explicit consent" via an online, secure mechanism that has the property of non-repudiation
  •  helping with the risk analysis process, utilising skills from information security risk analysis
  •  "upskilling" to gain privacy qualifications
  •  using software engineering concepts and methodologies to implement "privacy by design" and "by default"

Find out more via the BCS website article.