Nearly 6 months since the General Data Protection Regulation (GDPR) was introduced across the EU, complaints around data protection have nearly doubled in the United Kingdom, according to the Information Commissioner’s Office (ICO).
GDPR was designed to give Data Subjects additional control over their personal data, with greater transparency and the looming risk of much larger fines to those in violation of the new rules.
The GDPR requires any business that suffers a data breach to inform its users/data subjects within 72 hours of the breach being identified.
• Data protection complaints to the UK’s ICO rose to 4214 in July in comparison to just 2310 complaints received in May prior to the GDPR coming into force. A spokesperson for the ICO stated the increase was anticipated, as more users became aware of data protection because of publicity about the new rules and following a number of high-profile data scandals involving some well-known household names, like Morrisons and Dixons Carphone.
• In July the ICO reported that since May 25th, it saw a four-fold increase in the number of breaches that organisations were self-reporting.
Experts note, however, that the increases do not suggest that the volume of data breaches has abruptly gone up, but rather reflect the full scale of the data breach dilemma becoming better known.
Organisations that neglect to comply with GDPR can face fines of up to 4% of annual global revenue or €20 million, whichever is larger. To date, none of the EU’s Data Protection Agencies have imposed any penalties. Multiple DPAs told the International Association of Privacy Professionals Advisor Newsletter that it’s just too soon.
We will be hosting a free online webinar on ‘GDPR 5 Months On’ on Tuesday October 16th at 11am, where we will look at the implications of GDPR on payroll processing and how employers can demonstrate compliance by following a few simple steps.