With a little over two months to go, make sure you are not getting left behind. Here are the basics about GDPR.
GDPR is both complex and far-reaching, and it presents a significant risk to every organisation that handles personal data, in terms of high financial penalties and potential damage to reputation.
What is GDPR?
We recommend checking the information on the ICO website for a complete breakdown of GDPR. In short, the GDPR replaces the Data Protection Directive 95/46/EC and was designed to harmonise data privacy laws across Europe, to protect and empower the data privacy of all individuals in the EU (not only EU citizens), and to reshape the way organisations across the region approach data privacy. The regulation applies from 25 May 2018.
But we’re leaving the EU!
We know, but the outcome of Brexit is yet to be fully understood, and it is clear that GDPR will form part of the body of EU legislation that the UK carries over into UK law when Brexit takes effect. Even after that, GDPR applies to any organisation outside the EU that offers goods or services to, or monitors the behaviour of, people in the EU. Therefore, for the foreseeable future, all UK organisations are subject to GDPR and the penalties that could come with it.
What if I don’t comply with GDPR?
You can be fined up to 4% of annual global turnover or €20 million (whichever is the greater) for breaching GDPR. This is the maximum fine, reserved for the most serious infringements, e.g. processing personal data without a valid basis such as sufficient customer consent, or violating the core Privacy by Design principles. Fines are tiered: the lower tier, up to 2% of annual global turnover or €10 million (whichever is the greater), applies to failures such as not keeping records of processing in order (Article 30), not notifying the supervisory authority and the affected data subjects about a breach, or not carrying out a data protection impact assessment where one is required. It is important to note that these rules apply to both controllers and processors, meaning cloud service providers will not be exempt from GDPR enforcement.
So the message is short and simple – comply or get fined. There is a lot to take in and adhere to – why not let us help you?
Email firstname.lastname@example.org for more information.