The General Data Protection Regulations (GDPR) came into force on the 25th of May, thrusting data protection into the public consciousness. But now the deadline has passed, and the barrage of 'keep in touch' emails has slowed to but a trickle we consider if we've indeed reached a turning point in data security & privacy.

If Google searches mirror public interest then if we take a look at Google Trends, we can see that searches for GDPR gradually increased over the last year, with a big spike in May 2018. Then, just as quickly the searches drop off as public interest goes elsewhere (searches for Love Island, for example, pick up in May and quickly achieve ten times more volume than even peak search for GDPR). This is a crude measure but would suggest that with the deadline passed and media spotlight elsewhere, the public interest in GDPR has gone.

However, in businesses across Europe, there is a sense that a lasting change has begun.  If the previous Data Protection Act was brought in to oversee the migration of data from paper-based systems to computers, then GDPR oversees the migration of data from individual computers to the cloud. Complying with the GDPR process has helped a lot of organisations to become leaner, digital businesses. A change has also started in the way data is perceived, once just the domain of the IT or accounts department, GDPR has made many organisations better understand the data they have and how they use it.

Having got this far, it would be a shame if your business forgot all the improvements made for GDPR. Whilst your competitors are only thinking about breach notifications and fines, you can make a lasting change to your organisation by continuing to improve processes and better understand your data. This way, the investment you have made in GDPR will continue to bring you benefits for years to come.

So GDPR is here, what next?