When PricewaterhouseCoopers LLP, or PwC, surveyed legal and technology executives from major global firms earlier this year, it found that nearly all (92 percent) considered compliance with new European regulations governing data privacy to be the number one priority on the data management and security agenda. It didn’t take long after that for firms to begin calling PwC to discuss compliance strategies since the deadline is now a mere eight months away.

“When we crossed the one-year milestone in May, a lot of boards got exercised. The phone started to ring off the hook,” said Jay Cline (pictured, left), principal at PwC.

Cline and Jane Allen (pictured, right), principal and partner at PwC, spoke with Dave Vellante (@dvellante) and Stu Miniman (@stu), co-hosts of theCUBE, SiliconANGLE’s mobile livestreaming studio, during the Veritas Vision event in Las Vegas, Nevada. They discussed Europe’s data protection requirements, the cost of violating the new rules and solutions to ensure the right framework for compliance. (* Disclosure below.)

Fines and legal risk for non-compliance

The European rules, more commonly known as General Data Protection Regulation, requires that companies protect the personal data of European Union citizens for transactions inside member countries. “GDPR boils down to one proposition: being able to prove that you have control over peoples’ data. That summarizes the 72 different requirements of GDPR,” Cline said.

The cost of non-compliance with GDPR can be steep. Data privacy violations will trigger a fine based on four percent of global revenues, and class action lawsuits can be brought for business-to-consumer transactions that fail to meet protection requirements.

“Most companies are trying to figure out how to be compliant and what it is they actually need to do,” Allen said. “It’s a hot topic.”

Veritas Technologies LLC is a PwC client, and the two firms have been working together to provide client solutions, such as data scanning and profiling, which will identify information pools scattered throughout the enterprise. This involves coming up with an effective data discovery and classification approach that has to be scaled carefully to meet demands of the new law.

“If you scope GDPR too big, your compliance costs are through the roof. But if your scope it too small, your exposure is too big,” Cline stated.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of Veritas Vision 2017. (* Disclosure: TheCUBE is a paid media partner for Veritas Vision 2017. Neither Veritas Technologies LLC nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE