Businesses transacting business in the EU now have less than three months to complete the development of the systems and processes to comply with the strict new rules (full details on GDPR (General Data Protection Regulation) here), which include:
- Increased Territorial Scope (extra-territorial applicability)
- Penalties: organizations in breach of GDPR can be fined up to 4% of annual global turnover or €20 Million (whichever is greater).
- Consent: has to be clear and easy, and it must be as easy to withdraw consent as it is to give it.
- Data subject rights covering: Breach Notification; Right to Access; Right to be Forgotten; Data Portability; Privacy by Design; need for Data Protection Officers
The third biennial Ernst & Young 2018 Global Forensic Data Analytics Survey asked several questions with respect to readiness for the GDPR. They found that of the 745 responding finance executives:
- only 33% have an established plan for GDPR compliance (and another 39% signifying they are unfamiliar with the GDPR)
- GDPR compliance plan in place:
  - Europe (60%)
  - Africa and the Middle East (27%)
  - Americas (13%)
  - Asia-Pacific (12%)
Yet despite this lack of preparedness, respondents rank data protection and privacy risks as a top concern as they watch their overall risk profiles continue to expand.
What to do right now?
To get up to speed, CTMfile recommends:
- Get a copy of the Ernst & Young 2018 Global Forensic Data Analytics Survey
- Take one of Thomson Reuters’s online training courses on GDPR
- If you’ve not started, talk to one of the consultancies that specialise in GDPR immediately.
CTMfile take: 4% of your turnover could be way more than the cost of a cybersecurity breach???