The European Union’s General Data Protection Regulation (GDPR) took full effect on May 25, 2018. Per its official website, the Regulation spells out rules for protecting EU citizens regarding the processing and movement of their personal data. It also outlines the fundamental rights and freedoms of EU citizens with respect to their personal data. In the event an organization does not comply with GDPR’s requirements, it could incur an administrative fine of up to 20 million EUR or four percent of its total global annual turnover, whichever is higher.
One would think those penalties would be sufficient motivation for organizations to comply with the Regulation. But as it turns out, many organizations are still struggling with their GDPR compliance. Back in July 2018, for instance, TrustArc found that only one in five organizations in the United States, United Kingdom and European Union believed it had achieved compliance with GDPR. The International Association of Privacy Professionals (IAPP) discovered that 50 percent of firms were still non-compliant several months later in December 2018. More than a year after GDPR took effect, RSM learned that nearly a third of EU firms had not yet achieved compliance. The rate was even greater for UK firms at 50 percent through September 2019, per a report from Egress.
Companies clearly need help in complying with GDPR. To that end, a compliance checklist for entities that are actively working to comply with the Regulation is detailed below.
Implement Data Protection by Design
Consider Appointing a Data Protection Officer (DPO)
Uphold Responsibility Following a Data Breach
Contemplate Obtaining Certification of Your GDPR Compliance
Streamlining Your Organization’s GDPR Compliance Efforts
As the above checklist helps to demonstrate, organizations have a lot to consider when it comes to achieving compliance with GDPR. That’s why organizations would be best served by building a GDPR compliance program with the help of a trusted partner. Learn how ITEGRITI can help your organization get started on its path to GDPR compliance.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of ITEGRITI, Inc.