IBM has established a global readiness programme tasked with identifying the key impacts of the GDPR across IBM’s business and preparing IBM’s internal processes and commercial offerings for compliance with the GDPR. The programme is organised into several work streams, staffed with IBM’s top data privacy and security professionals. Focal points in each Business Unit are responsible for implementing the GDPR-related policy, system and business process changes mandated by the various key work streams.

This framework takes a holistic approach that spans people, processes and technology. It translates GDPR obligations into the concrete actions and outcomes that are needed to progress towards GDPR readiness. This close interlock helps to ensure that the best practices, solutions and services that IBM uses internally are the same as those we offer our clients.