In an earlier post related to the GDPR, (Have you figured out how the GDPR will impact your mobility program?) we reviewed many details related to the soon-to-take-effect law designed to drastically enhance data protection for EU residents and provide a consolidated framework to guide business usage of personal data across the EU.
In the previously mentioned post, we described the scale and the degree of severity for those that do not comply. While fines for data breaches and infringements will be reviewed on a case by case basis, there are really two levels of fines. The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher. These fines are attention-grabbing and are a motivation for companies to ensure compliance with this regulation.
This article, from HR Grapevine, (Sound the alarm: Reporting data breaches under GDPR) discusses the requirements for companies when it comes to data breaches for any reason, and explains the role of the Information Commissioners Office (ICO).
As May swiftly approaches, will you be up-to-speed on securing your employee's data within your mobility program?