You’d be wrong.
Now, with the General Data Protection Regulation (GDPR) fully implemented, there’s yet another way for companies to be in breach of data privacy laws. GDPR is a sweeping set of rules governing the handling of European Union members’ personal data, no matter where it is. It came into full force in May, and breaches carry huge fines — up to 4 percent of a company’s annual global turnover or €20 million (whichever is greater).
What is a breach under GDPR?
GDPR defines it as a “breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data.” Under GDPR, entities have only 72 hours to notify a supervisory authority, which is also known as a data protection authority (DPA). Data controllers are required to report breaches to the authority, while processors must report them to their controllers.
[Read the full article on MarTech Today.]
About The Author
Robin Kurzer started her career as a daily newspaper reporter in Milford, Connecticut. She then made her mark on the advertising and marketing world in Chicago at agencies such as Tribal DDB and Razorfish, creating award-winning work for many major brands. For the past seven years, she’s worked as a freelance writer and communications professional across a variety of business sectors.