GDPR: THE MYTHS BUSTED

Here are the comments we’ve heard about GDPR and the reasons they’re just myths.

“THE UK WILL NOT ENFORCE GDPR FOLLOWING BREXIT”

Unlikely, as the UK was a key contributor to creating the new legislation and will likely map GDPR into post-Brexit law and replace the UK Data Protection Act.

“I AM A SMALL BUSINESS THEREFORE GDPR DOES NOT APPLY TO ME”

Whilst there are some concessions to micro and small businesses, particularly in relation to record keeping, the GDPR applies to all organisations ‘engaged in economic activities’ involving the processing of personal data.

“THERE WILL BE NO FINANCIAL PENALTIES FOR BREACHING GDPR LEGISLATION”

Organisations that are deemed ‘non-compliant’ can be fined up to 4% of annual global turnover or €20 million, whichever is greater. These are maximum fines for the most serious infringements, and fines will be tiered based on severity.

“MY DATA IS ENCRYPTED SO I DON’T NEED TO WORRY ABOUT FINES”

Fines can also be levied for an infringement of the data controller or data processor obligations, not just security breaches.