
GDPR mandates a ‘baseline set of standards for companies that handle EU citizens’ data, to better safeguard the processing and movement of citizens’ personal data’. AKA keeping you and your information safer in a world of increasing hack attacks, identity theft and data breaches (and it applies to anyone in the EU, citizen or not). So now:
- Companies need a lawful basis (your consent is one of several, alongside contract, legal obligation and legitimate interest) before they can process your data
- They must apply safeguards such as pseudonymisation and encryption when processing your data, to protect your privacy
- Watertight methods must exist for handling data between businesses (controller-processor contracts) and across borders (transfers outside the EU need approved safeguards)
- Organisations whose processing carries a high risk, such as public bodies or those doing large-scale monitoring, must appoint a Data Protection Officer.
There’s more to it, but you get the idea. This new law is a seeming pain in the butt for businesses and companies worldwide who operate, trade and engage with EU citizens, as non-compliance with new privacy laws can result in some head-spinning, earth-shattering and business-busting fines & penalties. Witness BA right now.
How much?
The law states that a company can be fined up to 4% of annual worldwide turnover, or €20 million (whichever is greater) for the most serious infringements, including failing to keep personal data secure, dependent on scale and severity. Particularly for larger companies, you’re looking at the business end of tens of millions of dollars, and that doesn’t cover the wider business impacts, including loss of public trust and brand reputation. All for a problem that could readily be avoided, with the right processes and tools. In Facebook’s 2014 case, this metric would translate to up to £1.4 billion. For British Airways, the ICO’s proposed penalty was a tasty £183 million, equating to 1.5% of its annual revenue.
The airline, owned by IAG, states that it is ‘surprised and disappointed’ by the penalty from the ICO, as shares dropped as much as 1.95% in early trading as the news was announced. The fine landed the same day as the airline opened communication with its pilots, ‘in an effort to avert a potentially damaging summer strike’ (‘Isn’t it ironic’ plays softly in the distance). An analyst at Hargreaves Lansdown noted that the fine would make ‘a pretty big dent’ in IAG’s financial performance. Understatement mastered.
Lessons to learn
Whether or not it is the ICO’s intention to make an example of British Airways and discourage others from becoming apathetic about adequate data management, there are some clear pointers we can all take from BA’s mistake.
- There is never a good time for a bad fine
- Do not mess with the ICO
- Abide by the General Data Protection Regulation
- Correct Data handling is cheaper than the alternatives
- Invest in cyber safety nets, systems and security to keep data personal!
Better safe than bankrupt.

