GDPR (General Data Protection Regulation) came into effect on the 25th of May 2018. It has already had a disruptive impact on some organizations which have faced a barrage of cases for claims for Data Breach. To help you and your customers understand the nuances of GDPR we bring you an APMG accredited eLearning to cater to some key topics, like Data Breach, Lawful Basis of Processing, International Data Transfers etc.
What is GDPR?
GDPR is the General Data Protection Regulation. It has been created by the European Parliament and Council to strengthen and unify data privacy for EU individuals as well as to regulate the international transfer of their data. It came into effect on 25th May 2018.
Why should organizations be concerned?
According to the Keeper Security and the Ponemon Institute 2017 report:
- Negligent employees are the no. 1 cause of data breaches at SMB’s
- 54% of IT professionals report careless workers as root cause of cyber-security incidents.
- The average cost of a cyber breach now exceeds $1 million. (This is before GDPR)
With enhanced fines for non-compliance of up to 20 Million Euro or 4% of global turnover, whichever is higher, it is essential that companies understand the compliance requirements under GDPR and the need for Data Privacy. Just how serious is the challenge can be understood by a recently released report by CompTIA in April 2018 focused on the US:
- 52% of 400 companies surveyed are still exploring applicability
- Only 13% say that they are ready
- Only 25% seem to be familiar with GDPR
- 33% of companies believe that it goes to effect at the end of 2018
- 66% are unaware of the hefty fines for non-compliance
It is evident from the studies above that the awareness of GDPR is almost non-existent in the companies to which this Data Protection policies apply. The repercussions of non-compliance are too devastating to be overlooked. There are pecuniary as well as restrictive penalties that can capsize a business. In order to stay ahead of the game, it is life-saving to stay abreast with the nuances of GDPR policies.