GDPR: Europe is applying harsh penalties for privacy violations
Prevent fines of up to 4% of your global annual sales by protecting the privacy of your customers and employees.
Organisations must inform citizens about how data is collected and processed, and they must do this in a way that can be easily understood.
Citizens will be able to transfer their data from one service provider to another, for example when switching mobile providers.
3. Right to be forgotten
Companies must be able to erase personal data if the person in question requests it and no valid counter-argument can be provided – even if the data has already been shared with third parties.
4. Reporting obligation for data leaks
Companies are obliged to report a data breach within 72 hours unless it can be demonstrated that the leak is not a hazard to the personal data that has been collected.
General Data Protection Regulation
In May 2016, major new European privacy legislation concerning the protection and security of personal data became a reality. Companies and organisations that process the personal data of European Union citizens must be able to demonstrate that they have already taken all possible technical and organisational measures to protect this data.
To what extent does this new GDPR legislation have an impact on my organisation?
Do not be fooled into thinking this legislation does not apply to your organisation. Personal data covers, for example, data about the health of an individual, as well as his or her place of residence, travel habits, online behaviour and whether or not he or she is a member of a trade union. There is a significant chance that you manage this information about your customers or employees.
Questions and answers
Time is running out. Have you prepared yourself sufficiently for a cyber incident?
What fines can Europe impose on you?
If you are not in compliance with the legislation, this can have major consequences. One complaint can lead to an audit and fines of up to €20 million or 4% of your total worldwide annual turnover from the previous financial year. And this does not include lost customer confidence, falling sales, brand and reputational damage and possible lawsuits.
What is the chance that a data breach will happen to you?
Are you still in denial? Do you still think it could never happen to you? Think again. Hackers are no longer the bad boys or whizz kids of old. Cybercrime has increased. Cyber attacks are increasing in number, size, inventiveness and complexity. SMEs have now become a lucrative target group. You can no longer ignore online information and knowledge sharing. A privacy and cyber security policy is therefore not a luxury, but it still requires a lot of expertise and insight into a very complex matter.
Do I still have time to prepare myself?
You had until 25 May 2018 to get yourself in order and to develop a data protection policy. Since that date, fines apply. It is still important to prepare so that the transition to the new regulations proceeds smoothly. Ensure you have the support and cooperation of some key figures in your organisation. For example, you must put new procedures in place that guarantee the rights of the data subject whose data you hold. In a large company or more complex organisation, this can have significant consequences in terms of budget, ICT, personnel, policy and communication.
Take the right steps today to comply with GDPR and your data security
Tackle the proverbial elephant in the room. Our GDPR QuickStart offers you, with limited investment of time and money, a foothold in the form of two clear and strategically applicable reports tailored to your organisation. More info about our QuickStart!