skip to main content
Close Icon

In order to deliver a personalized, responsive service and to improve the site, we remember and store information about how you use it. This is done using simple text files called cookies which sit on your computer. By continuing to use this site and access its features, you are consenting to our use of cookies. To find out more about the way Informa uses cookies please go to our Cookie Policy page.

Global Search Configuration


Two primary approaches are emerging in the GDPR compliance solution market: those that depend more on technology and those that depend more on existing organizational processes and workflows. The better approach, however, is a matter of debate.


  • GDPR, as a rule, is technology-agnostic. While technology is a necessary component in controlling and managing data, the regulation puts emphasis on repeatable, documentable processes driven by established human roles and responsibilities.
  • The landscape of vendors offering GDPR-related solutions is largely evolving into two camps: those that take a technology-based approach and those that take a process-based approach.
  • Technology-based and process-based solutions each have optimal applications. However, the most successful solutions will likely be those that successfully take advantage of aspects of both approaches, applying each for their respective strengths.

Features and Benefits

  • Compares the two predominant approaches toward GDPR compliance solution functionality currently being taken by technology vendors in the market.
  • Assesses the distinctions between technology-based solution approaches and process-based solution approaches in the GDPR compliance solution market.
  • Identifies key characteristics of the GDPR framework that shape the functionality of GDPR compliance solution offerings.
  • Identifies examples of real-world GDPR requirements that benefit either from either a technology-based approach or a process-based approach.
  • Analyzes the respective strengths of the technology-based and process-based solution approaches in the context of GDPR requirements.

Key questions answered

  • How have GDPR's requirements and general framework led to the development of two distinct "camps" of approaches in the compliance solution market?
  • In the GDPR compliance solution market, what are the distinctions between the technology-based solution approach and the process-based solution approach?
  • With regard to GDPR compliance, what are the respective strengths of the technology-based solution approach and the process-based solution approach?
  • Why is neither approach (technology-based or process-based) likely to be successful in isolation for fulfilling GDPR's requirements?
  • What qualities will ultimately define the broadest, most successful GDPR compliance solutions?

Table of contents

Ovum view

  • Summary
  • GDPR's technology-agnostic framework underscores process
  • Two camps emerge in the compliance solution landscape
  • Process and technology: utilizing their respective strengths


  • Further reading
  • Author

Recommended Articles


Have any questions? Speak to a Specialist

Europe, Middle East & Africa team - +44 (0) 207 017 7700

Asia-Pacific team - +61 (0)3 960 16700

US team - +1 646 957 8878

+44 (0) 207 551 9047 - Operational from 09.00 - 17.00 UK time

You can also contact your named/allocated Client Services Executive using their direct dial.
PR enquiries - Call us at +44 7770704398 or email us at

Contact marketing -

Already an Ovum client? Login to the Knowledge Center now