GDPR has been a constant business conversation over the last 18 months or so, it’s discussed in the press, on the news and social media, as well as a handful of episodes of this podcast. However, much of the conversation has focussed on what you should be considering and doing to take on the GDPR challenge, while very little has come from those who have already made great strides on their compliance journey.

With that in mind, a few weeks ago I read a fascinating series of blogs from software company Veeam, this series discussed the 5 principles they followed to build their compliance program. What was interesting, was this series of posts talked about the practical steps they took, not about the technology they deployed, or how their technology could help you, but a series of posts that shared their experiences and challenges they faced building their business compliance program.

As many of us are currently on our own compliance journey, I thought the opportunity to chat with someone who is already well down this path would be of real interest, so in this week’s podcast I’m joined by Mike Resseler, Mike is a Director of Product Management but is also a key member of Veeam’s global compliance team and has played a significant part in the way they have dealt with the challenges posed by GDPR.

In this week’s show Mike shares with us Veeam’s experience. We start at the beginning with the initial advice they took and research they did into what GDPR meant to them. We discuss the importance of putting together the right team to deal with business compliance and why it was important to realise the scope of the work they were about to undertake.

Mike also explains how it was important that Veeam saw GDPR as something that would have a positive impact on the business and how, although technology would play a part, this was something that would need a focus on people, workflow and procedures.

We also discussed how not everyone was enthused by the idea of business compliance and how they saw GDPR as just a European problem and how it was important that the compliance team educated all the business to the importance of compliance.

We also look at the practicalities of building a compliance program as Mike shares the 5 principles Veeam developed to help them, we look at those steps, knowing your data, managing your data, protecting the data, documentation and continual improvement. We discuss the importance of each step and the part they have played in building a global compliance program.

We wrap up looking at the future, discussing continual improvement, training and the way that Veeam are making compliance integral to everything they do across their business.

I hope you enjoy the fantastic insight that Mike provides into the way a company builds a compliance programme and tackles regulation such as GDPR.

To find out more from Mike you can find him on twitter @MikeResseler.

The original blog posts that inspired this episode can be found here https://www.veeam.com/executive-blog/our-journey-to-be-gdpr-compliant.html

Mike and his team have also produced this video in which they discuss how to accelerate your GDPR efforts https://www.veeam.com/veeamlive/accelerate-your-gdpr-efforts.html

Hope you enjoy the show and until next time, thanks for listening.