In the past year, since the introduction of the new GDPR rules, businesses in the EU have been fined €56m in total.
In the UK, the Information Commissioner’s Office (ICO) recorded 1,792 data breaches in the first month, nearly eight times the average of the previous year. And UK firms have been warned that there will be no let-up from the authorities in their pursuit of those that break the rules.
Dr. Gero Decker, CEO and co-founder of management software company Signavio, said: “A year on, businesses now understand what is expected of them, but the main challenge is the ongoing compliance. Companies are not taking a sustainable approach to GDPR. Each and every employee throughout the business must adopt a rigorous mentality to protocol adherence, taking personal responsibility and collaborating intuitively to keep data up to date. It is vital to remember that those on the ground will determine a company’s successful compliance.”
“Some companies are doing the bare minimum in order to tick regulatory boxes. However, this will not prove fruitful in the long term. In order to reap the most rewards, businesses must change the way they are using data across the board to provide maximum value both internally and externally.”
He added: “Having the correct documentation to prove compliance is just as important as fulfilling the GDPR mandate. So maintaining full visibility on how data is being captured, processed and analysed is essential. Without adequate internal governance, businesses are opening themselves up to high penalties that can be easily avoided.”