
GDPR: The €20 Million Fine for Violating Privacy

Gathering insights from customers, employees or research participants is vital to the operation of almost every company. Whether it’s market research data or customer experience feedback, this information is valuable to organizations in this era.

New privacy regulations will change how entities address and manage data privacy and security concerns and will probably convince you to change your operations around data collection to avoid fines or penalties.

The General Data Protection Regulation (GDPR) will be enforced from May 25, 2018, primarily in Europe. It will give people control over their personal data. It is an overhaul of Europe’s existing privacy laws, which have been around since the mid-90s, and it will come with new local laws in each EU territory.

GDPR will change how entities process personal data with market research participants, employees and customers in the following ways:

Permission
There is a higher bar for getting valid consent. Organizations that depend on consent as a basis for processing data should secure clear consent from users. The terms should be stated in clear, uncomplicated wording before any data is collected. Organizations should document the respondent's information and their consent. Respondents should also be able to revoke their consent whenever they please.

Data Breach Advisory
If a data breach occurs, organizations should inform authorities within 72 hours of the breach. Participants and customers should also be informed if the breach infringes on their personal rights. Organizations should provide participants with copies of their personal data if asked.

Erasing Respondent Data
Data that respondents give should be treated with the highest respect. Organizations are obligated to erase all personal data of participants when it is no longer relevant or when consent is withdrawn.

Privacy
Privacy should be built into systems by default. Any system that analyzes personal data should collect only the data it needs.

Not adhering to these principles can result in a fine of up to 4% of annual global turnover or €20 million. Many companies are not yet compliant with GDPR, even though it has been a topic for some time. Only 40% of European entities are ready, and only 6% of North American entities are compliant.

Samelogic is GDPR compliant and is ready to help companies that can’t find organizations offering similar services that adhere to these laws. Find out how today: https://www.samelogic.com

Dwayne Samuels


Cofounder & CEO @ Samelogic. I love videos. Even more, I love using ML to understand videos.
