Bojana Bellamy, president of the Centre for Information Policy Leadership at Hunton & Williams, recently participated in a video campaign to discuss how companies should prepare for the European Union’s General Data Protection Regulation and how to leverage the potential benefits beyond legal compliance.

As companies prepare for the May 25 deadline for GDPR compliance, Bellamy spoke with consulting firm Capgemini about how companies’ readiness for the GDPR requires a holistic approach to privacy, security and data management. She also discussed some key responsibilities of a chief information security officer in GDPR compliance.

“I think the role of a CISO is going to be critical in GDPR compliance, [particularly] with understanding data,” Bellamy said. “The GDPR requires [companies] to know the data they have, where it is held, the level of sensitivity of the data, as well as [keep] records of processing and mapping of data, and that’s what CISOs do very well.”

View Bellamy’s interview, GDPR Compliance: The Critical Role of the CISO, on Capgemini’s website.

CIPL has been working on a multi-stakeholder project on GDPR: Consistent Implementation and Interpretation, with a series of workshops and papers. All the published papers are available on

To assist in-house lawyers and privacy professionals with understanding the GDPR and planning for implementation, Hunton & Williams’ Global Privacy and Cybersecurity practice lawyers wrote The EU General Data Protection Regulation, a Guide for In-House Lawyers. For advice on these issues, and other questions including cybersecurity readiness planning, please contact