Cutting Through Conventional Wisdom

Dialogue around GDPR is too focused on the maximum allowable fines, exposure within departments like human resources and finance, the impact to financial services firms, and marketing departments getting crippled, according to thought leaders in the identity management and data protection space. The regulation was adopted by the European Union in April 2016, with enforcement slated to begin Friday. The rule -- which stands for the General Data Protection Regulation -- aims to give EU citizens and residents greater control over how their personal data is used.

Users will find that the right to have their data purged isn't applicable in all situations, while organizations will find themselves constrained on what information they can share with third parties even when the customer has consented to some data collection.

From the lack of a grace period to the need to avoid static compliance checklist, here's what 10 vendor and solution provider CEOs and technical leaders said are the biggest misconceptions around GDPR.