Why Should I Worry About GDPR?
On April 14th, the European Parliament adopted the General Data Protection Regulation. Big deal? Well, sort of. The measure is to improve the levels of protection of European Union citizens’ data.
Still not convinced this has anything to do with you? If you are an American company doing business with EU countries, meaning you process or hold data of any EU citizen, fines for noncompliance can be as much as $21 million, or 4 percent of your organization’s worldwide turnover, whichever is greater. Not to worry. You still have a year, May 25th 2018, until you must comply.
It seems that most people are not worried about it either. In an October 2016 survey by Dell, 80 percent of companies surveyed knew little or nothing about the impending changes. In fact, 97 percent of companies had no plan in place to address the GDPR at all.
Even within the European Union, no one appears to be worried. A survey taken in early 2017 found only 68 percent of UK marketers thought their business might be ready to meet the GDPR May 2018 deadline.
But to give you some idea of the punitive impact this can have, in the UK in 2016, Tesco Bank experienced a data security breach that affected 9,000 of its customers. Had the GDPR been in force when this breach took place, Tesco Bank would have been fined £1.9 billion ($2.3 billion).
That figure alone should be motivation enough to put in place an action plan, or at least read up on the subject. Are you familiar with the GDPR and its possible impact on your organization? Too far away to worry about it? Before, or after the audit, get in touch with us, we’ll be glad to help.