Data Breaches and the Financial Implications of GDPR

The consequences of not complying with the General Data Protection Regulation (GDPR) are serious, and not only in financial terms.

The Information Commissioner’s Office (ICO) has gone some way to explaining the fines and penalties that organisations can face under GDPR.


But they have also said that the financial implications should not be the sole reason that you comply with GDPR.


The point of GDPR is to put the public and the individual first when it comes to what is done with their personal data and who has access to it. That, rather than the fear of penalties, should be the driving force behind an organisation becoming more transparent.

What fines can be imposed for GDPR non-compliance?

Previously, the maximum fine that could be imposed for a breach of the Data Protection Act was £500,000. With the advent of the GDPR, the ICO has the power to impose fines far higher than that, and companies are understandably fearful of the maximum of £17 million or 4% of turnover allowed under the new law.

Under the new law, the maximum fine is £17 million or 4% of an organisation’s annual turnover, whichever is greater.

But the ICO has a history of using fines as a last resort. After all, its aim is to ensure that high standards are maintained and to arm organisations with as much information as possible. During 2016/2017, the ICO concluded 17,300 cases, with only 16 of them resulting in a fine.

‘Like the DPA, the GDPR gives us a suite of sanctions to help organisations comply – warnings, reprimands, corrective orders.

While these will not hit organisations in the pocket – their reputations will suffer a significant blow.’

Elizabeth Denham, UK Information Commissioner, ICO

Use GDPR as a business differentiator

We have a range of options using ISMS.online

Achieve GDPR with a head start from ISMS.online
