Technology supports and enhances almost every move we make as humans. From intricate banking procedures to shopping for groceries - every activity that we have embarked upon has been greatly influenced by technology. As the world becomes more interconnected, we also become more susceptible to risks. Just last week, one of the largest cyber attacks was announced, exposing the personal data of over 44% of the American population.
The General Data Protection Regulation will be enforced globally on May 6, 2018. Technically, your enterprise has until then to comply with the strict regulations. We’ve outlined the 6 major changes that the GDPR will bring to your company in this previous blog post. Even if your company is not located within the European Union, if you process the personal data of European citizens, your company must comply (see Art. 3 GDPR).
The focus of today’s blog is on GDPR penalties for failure to comply.
Time is counting down to the GDPR enforcement date - 25 May 2018. As of today, organizations worldwide have around 8 months to be fully compliant with the European General Data Protection Regulation.
This is what industry leaders are saying about the impending regulation:
Many companies incorrectly believe that the GDPR doesn’t affect organizations outside of the European continent. Nothing could be more incorrect.
The European Union's General Data Protection Regulation, which will be enforced beginning in May 2018, will affect all organizations that handle Europeans' personal data - no matter where it is stored - Ohio, Singapore, or São Paulo.
There's no question - the European Commission cares about the protection of your data. From early 2012 until now, the European Commission, the Council, and the Parliament have continually met to update the laws and regulations regarding the data protection of its citizens.
In this article we summarize the history of EU data protection.
As you may know, the EU's General Data Protection Regulation (GDPR) will be in full effect on May 25, 2018. As we discussed in a previous article, the aims of this regulation are to protect the fundamental rights and freedoms of natural persons and to also ensure their right to protection of personal data as well as the free movement of said data.
Companies have to work through a large number of complicated steps in order to become fully compliant with the new EU-GDPR. Significant additional expense is to be expected on the part of the organizations. According to a current Ponemon study, more than one third of surveyed German companies said they had not yet taken any steps towards ensuring GDPR compliance.[2] Equally concerning is the fact that only 38 percent of global businesses have a specific implementation plan.[3] This is due, among other things, to the imprecise wording of the data protection regulation, which is causing confusion and problems in implementation. Some degree of legal uncertainty is therefore to be expected in the early stages.