Think the GDPR is like Y2K? Think again!

GDPR fine

The 25th of May 2018 has come and gone and most people are asking, “what about all the massive fines we were expecting to hear about?” or, “the GDPR was just another Y2K, there was a lot of hype but we’ve yet to hear of any enforcements, planes didn’t fall out of the sky” etc.

Be warned, just because we haven’t heard of enforcements and fines yet, doesn’t mean they aren’t coming.  An interesting article reported by the IAPP, based on feedback from Data Protection Authorities (DPAs) and rights groups, states that complaints and breaches reported to the DPAs/Supervisor Authorities have to go through a process which can take months before an enforcement is issued, with some DPAs stating they could take a minimum of six months from when the event is reported to when the fine or enforcement is issued. [see full article here].

In July, the Irish Data Protection Commission reported a significant increase in the number of data breach notifications they received since the GDPR came into effect [see here].   This isn’t surprising, given that the Accountability framework in the GDPR requires data controllers to report data breaches to the DPC within 72 hours of becoming aware of them.  Once received, the DPAs have to investigate and respond to each one.

So in applying the minimum six month wait time to these, the earliest we should be expecting to get news of fines and other enforcements such as an order to cease all processing, would be Dec 2018 timeframe.

Ensuring we can demonstrate compliant processes and put appropriate safeguards and technical measures in place to protect us from the most common data breaches reported by the DPAs, such as sending data to the wrong recipients, is the action we need to take if we haven’t already, because the GDPR is the law and unlike Y2K it isn’t going away.

To find out how Wizuda can help you avoid some of the most common data breaches – see here.

About Wizuda

Developing IT Solutions to Make Businesses Better

At Wizuda we focus on developing IT solutions which help businesses grow and empower people to collaborate and stay connected securely and compliantly. Specialists in secure data transfer since 2001, all development and support operations are carried out from our two Irish 

offices located in Dublin (Wizuda Headquarters) and Limerick. We pride ourselves in developing software solutions that allow organisations to take back control of their file transfer and data sharing operations, enabling them to operate efficiently, securely and compliantly

Quick Contact

Contact Us