The GDPR enforcement date has passed and, as you might have already heard, well-known companies are feeling the impact of not being fully prepared. These companies are facing potentially significant costs from lawsuits, fines, and from having to speed up the development and deployment of their GDPR compliance strategies.
Data protection has also gone global. Governments around the world, including Canada and Australia, have already released regulations similar to GDPR to better protect their citizens’ data privacy and security. Numerous experts predict that in coming years laws resembling the GDPR will be established outside the EU.
To review, penalties for non-compliance jointly apply to both Data Controllers and Data Processors, as both roles have responsibilities under GDPR. Infringements under GDPR carry administrative fines of up to €20 million or four percent of total yearly worldwide revenue, whichever is higher. Furthermore, there could be individual lawsuits, class-action lawsuits, and personal liability claims against your organization. There are also business costs and impacts, from reputation damage, which could lead to lost business, to competitors who have better prepared themselves for GDPR.
It is difficult to say exactly how GDPR non-compliance will impact your organization. The specific consequences depend on:
Some violations can be deemed lower level, such as Article 32—security of processing, or upper level such as Article 7—right to consent, Article 16—the right to rectification, Article 17—right to erasure, and Article 20—right to data portability. These specific GDPR articles are grouped under each of these violation categories as you can see here:
After speaking with many customers and others in the industry about GDPR, our team has defined four key areas of GDPR compliance for Salesforce Backups where we see companies struggling in their GDPR compliance strategies:
Download The GDPR and Your Salesforce Backups eBook for more on these key compliance areas and helpful guidance on steering your organization towards GDPR compliance.
In case you missed it, download the post-GDPR webinar recording, GDPR Compliance in the Post Enforcement Period.