Large businesses are often very complex, particularly those with subsidiary companies and holdings overseas. The majority of companies will have been working on becoming GDPR compliant for at least the last twelve months as the more complex the systems, the more work which will need to be done. Although there is now limited time to prepare with the deadline of 25th May 2018 looming, it is still feasible with a LOT of hard work. Non compliance by a large business will not be viewed favourably by the ICO who has employed more than 200 new staff to deal with GDPR. Fines can be as high as 4% of annual global turnover or €20 million, whichever is higher.
If you require consultancy services, including the provision of a Data Protection Officer please get in touch and we will be very happy to help. Although the majority of large organisations will have their own team working on GDPR, the Data Protection Officer takes the role of an independent auditor and so practically it may be hard to source a suitable person from staff actively working on GDPR related matters.