Consequences of Non-Compliance
It’s critical that your organisation understands its GDPR risks, as failure to comply can result in fines of up to €20 million or 4% of the organisation’s annual global turnover, whichever is the higher.
However, the consequences of a data breach for your organisation can be greater than any imposed fine. Ensuring your organisation has a compliant GDPR framework in place means that you can respond quickly and effectively and reduce the potential reputational and financial risks if things go wrong.
GDPR – 6 Essentials
1. Extraterritorial Reach
The GDPR applies to non-EU establishments where data is processed in connection with “offering goods or services” to European data subjects or “monitoring” their behaviour. Non-EU entities that are subject to the GDPR are required to designate a representative in an EU Member State (unless limited exceptions apply).
2. Principle-Based Regulation
It is up to you to decide how to ensure that your organisation complies with the GDPR. Implementing a Demonstrable Compliance Framework, which sets out the technical and organisational measures you are taking to protect data, will help you meet your obligations under the GDPR.
3. Openness and Transparency
The GDPR requires you to be open and transparent about how information is collected, stored, used and disclosed at every stage of the data lifecycle. Compliance with the GDPR helps consumers feel empowered and leads to more informed choices about your organisation’s activities which involve the collection of personal data.
4. Fines and Penalties
Failure to comply with the GDPR can lead to fines for breaches of up to €20 million or 4% of global annual turnover, whichever is the greater. Being established outside the EU will not be a defence.
5. EU Representative
An EU Representative keeps records of processing activities and is available to receive inquiries and complaints from EU data subjects. Your representative will liaise with Data Regulators as required and keep you abreast of regulatory changes or updates on GDPR guidance.
6. Privacy Health Checks
To ensure you remain compliant with the GDPR, we recommend conducting an annual privacy health check to assess the degree to which your organisation is compliant with the law, how vulnerable it is to privacy risks, and whether it meets privacy best practice. GDPR Solutions can provide this health check and develop strategic solutions, tailored to your business needs, that strengthen your privacy and data handling frameworks to comply with the GDPR.