Did you know that a violation of the personal privacy law in the future could result in fines of up to EUR 20 million?
The new Personal Privacy Regulation goes into effect on May 25, 2018. The regulation imposes requirements on companies processing of personal data and is a tightening of the existing rules of the Personal Privacy Act. Although May 25, 2018 is still a long way off, it is important that companies are already preparing to comply with the new rules of the regulation, and first and foremost, get an overview of the data they hold and how these data should be handled.
The purpose of the new regulation is to increase individual’s data security, standardize the rules across the EU and ensure easier cooperation between countries and authorities. Most of the rules in the existing Personal Privacy Act will continue to exist in the new regulation, but new and stricter principles will also apply.
The innovations introduced include increased demands on the following principles: consent, disclosure, documentation requirements, the right to be forgotten, data portability, reporting, impact assessment, appointment of a security officer – a so-called "DPO" (Data Protection Officer) and a tightening of sanctions.
In the event of a violation of the new Personal Privacy Regulation rules, companies risk a fine of up to EUR 20 million or 4% of its global turnover. If the latter amount is greater, this will be used as the basis of calculation.
At Azets HR Legal, we can help you to get an overview, so that you are ready to comply with the new requirements. During 2017, we will organize seminars on the subject, and we can offer you "to-do-lists", timetables, draft agreements, etc.