It is just over a year since the General Data Protection Regulations (GDPR) came into effect.
Organisations all over the country spent considerable time and energy working out what steps would be required to make themselves ready for compliance with the new General Data Protection Regulations..
One of the major incentives to get it right was the significant increase in potential fines, up to a maximum of 4% of turnover, or €20 million (whichever is the higher). There have been some pretty eye watering sums announced such as the €50 million fine given to Google by the French supervisory authority for various breaches of its GDPR privacy obligations.
Organisations should have by now carried out a full assessment of their data processing activities and any risks that may exist regarding the collection, storage and processing of personal data.
I believe the level of scrutiny of organisations to ensure their compliance with GDPR will increase. The privacy and security of data becomes ever more important in this technological world and effective measures to protect individuals, without stifling the efficient running of an organisation, will become critical as time progresses.
Posted by Nigel Whittle
The views expressed in this article are the personal views of the Author and other professionals may express different views. They may not be the views of Lambert Chapman LLP. The material in the article cannot and should not be considered as exhaustive. Professional advice should be sought in connection with any of the issues contained in the article and the implementation of any actions.