During the initial stages on implementing GDPR, and during the grace period allowed by the EU, most companies had only touched the surface on GDPR requirements and the changes they had to make.
Now, more than 20 months after GDPR has been in force, official data from DLA Piper reveals there have been over 160,000 notified data breaches, with over €114 million ($126 million) in fines, the biggest of which was Google at €50 million.
According to CNBC, a Partner at DLA Piper,A law firm dealing with main GDPR issues in Europe, said the findings showed that “we’re still in the very early days” of enforcing the new EU data privacy laws.
“It’s not a huge surprise that we’re seeing a slow start to fines, but there’s more to come,” he said.
Talking to Lawyer Monthly, CEO and Co-founder of Encompass Corporation, a company that provides comprehensive information about a costumer by using robotic search through multiple sources of global company, registry and person data, says the EU is gearing up for more fines and that this should indeed serve as a wakeup call to all those left unprepared: “It’s no surprise that data privacy watchdogs are gearing up to make full use of their expanded powers after collecting around £100m in fines “.for data violations. Since the arrival of the GDPR, large companies and banks have been scrambling to implement effective policies to adhere to the legislation, with mixed results so far
This news should serve as a wake-up call for financial services organizations to ensure full compliance with existing and incoming legislation. With new figures revealing that banks were hit with over £6bn globally for breaches of anti-money laundering(AML) regulation, the importance of adhering to strict compliance rules cannot be underestimated. Moving forward, the ability to know your customer and manage their data proficiently should be a top priority for banks of all sizes.
General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). It also addresses the transfer of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. The regulation contains provisions and requirements related to the processing of personal data of individuals (formally called data subjects in the GDPR) who reside in the EEA, and applies to any enterprise—regardless of its location and the data subjects.
News Source: https://www.lawyer-monthly.com/2020/01/gdpr-results-in-126-million-fines-is-this-a-wake-up-call
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation