GDPR - What's really at stake?
Still doubting whether the General Data Protection Regulation (GDPR) will actually make a difference when it comes into effect in May 2018?
Well new analysis by the NCC Group may quash any feelings of doubt you have. The report shows alarming figures that puts the true reality of GDPR into perspective.
According to the study, data protection fines imposed by the Information Commissioner's Office (ICO) against British companies in 2016, would have amounted to £69 million had GDPR applied. This is in stark contrast to the £880,500 that was actually the case - a difference of a staggering £68,119,500.
Employees at the NCC Group gathered their findings by looking into all ICO fines in 2015 and 2016. They used the current maximum penalty as a guide and created a model to determine what tier the fine would fall into, before comparing it to what the maximum fine would likely be with GDPR is in place.
As it stands at the moment, the ICO can issue fines of up to £500,000 for breaches of the Data Protection Act 1998. They are yet to exceed £400,000. However, when GDPR comes into full force on May 25th 2018, the more serious data protection breaches could result in companies facing fines of up to €20 million, or 4% of their global annual turnover - whichever is the highest.
For many businesses, this means that the possibility of insolvency or even closure as a result of GDPR penalties will soon become a very real threat.
So, with so much at stake, is it really worth taking the risk of getting it wrong? Make sure you know the steps you should be taking to avoid those hefty fines and get your business ready for GDPR.