PII is personal data that could potentially identify a specific individual, such as: copies of passports, CVs, employment history, financial details, address details, medical details, sales prospect/marketing data, location data, or customer information.
GDPR Requirements
Organisations will now have to comply with much stricter guidelines around data management and policy. All EU citizens will now have the right to:
- Be notified of any data breaches.
- Access any PII held by organisations.
- Be forgotten.
- Obtain and reuse PII for their own purposes.
All EU organisations must demonstrate compliance by storing, managing, destroying and auditing PII appropriately.
Penalties
The new GDPR legislation will be introduced on 25th May 2018. Non-compliance by this time will incur heavy fines. These financial penalties can be up to 4% of your annual global turnover, or €20 million – whichever is greater (although there is a lower tier for lesser breaches of 2% or €10 million).
Compliance Strategy
Apogee can work with your organisation to understand your current situation and help develop a bespoke strategy and plan of action to work towards GDPR compliance before the deadline and avoid the heavy penalties that will be imposed.
To discover how Apogee can help your organisation develop a strategy to ensure GDPR compliance before heavy penalties will be imposed, contact us using the form below.