Navigating government regulations can always be a challenge. One thing is certain: you do not want to be caught out of compliance and have to pay hefty fines. For anyone doing business in the European Union (EU), GDPR is an important regulation to comply with.
A recent ZDNet article shows that fines have been increasing since GDPR was first introduced a little over 2 years ago.
The past year has seen a total of £142.7 million ($193.4 million USD) issued in GDPR-related fines, which is almost a 40% increase compared to the previous 20 months. The biggest fine imposed so far under GDPR was issued by French regulator CNIL in 2019: a €50 million ($61 million USD) fine against Google for a breach of transparency rules.
So maybe increasing fines in the EU isn’t a concern for you? Rest assured, both Canada and the U.S. are in the process of implementing stronger data privacy laws. There are some who believe U.S. President Biden will look to pass stronger privacy laws. Certainly, in light of the SolarWinds breach, it is expected that President Biden will be looking to strengthen U.S. cyber security policies across the board. In Canada, the Digital Charter Implementation Act was introduced in November. If the act becomes law, it will give Canada a privacy law similar to GDPR. If passed, companies could face fines of up to five per cent of global revenue or $25 million — whichever is greater — for the most serious offences.
Data privacy policies aren’t going away; in fact, more companies around the world are looking at implementing GDPR-like legislation. As breaches keep increasing, fines keep going up. Even if you do not do business with the EU, you should start preparing for the legislation that is coming to North America. So, how can you ensure compliance?
- Complete a thorough audit of your current data security system
- Educate your staff
- Engage an MSP or MSSP with a comprehensive understanding of data privacy regulations
Engaging with an MSP to help ensure compliance will be critical. From setting up workflows to ongoing 24/7 monitoring, an MSP can help your business stay on top of the regulations. Hiring an MSSP (Managed Security Service Provider) can take this one step further, as security policies around breach readiness will also become a factor. An MSSP like Uzado provides protection that strengthens an organization’s cyber security capabilities by providing personal data clarification and protection, better incident response and faster detection of breaches.