4 min read

Writen by adm

Posted on: December 7, 2021

Getting management to care about GDPR

The GDPR is seen as the gold standard for data privacy and protection around the world. If breached, the enforcement can be harsh, to say the least.

Infringement of some of the GDPR laws can result in fines, big fines. For example, a €20 milion or 4% of global annual turnover fine (whichever is greater) can be expected if the ‘Conditions of consent’ or the ‘Lawfulness of processing’ Articles, for example, are not observed. These two examples are not exhaustive by any means. Smaller fines of €10 milion or 2% of global annual turnover can be issued if the ‘Records of processing activities’ or ‘Security of processing’. Articles are infringed. Moreover, it can cause a serious reputational damage.  

But on the other hand, personal data has tremendous value. If it’s managed properly, it can create significant competitive advantage. In order to get GDPR right and in order to get privacy right, you need the entire organisation to be moving in the same direction.

Managers are ultimately responsible for ensuring a business complies with the GDPR. The management needs to set a strategy to meet the more stringent regulatory mandate without losing focus on growing revenues and profits and while innovating to stay competitive, keeping the board of directors happy and maintaining an engaged workforce.

How can this be the case given the disruption and the expense? Some of the key areas they must address include:

• Creating a GDPR compliance programme.

• Creating workplace policies that ensure continued GDPR compliance.

• Ensure data security procedures are in place and data handling technologies are up to date.

• Take steps to ensure users are well aware of their rights and understand how/why their data is being used.

• Audit the ways the business collects and processes user data, ensuring they are GDPR compliant.

• Providing adequate staff training to ensure they comply with GDPR principles.

• Ensure any third-party data processors the business uses are compliant with the GDPR.

Core to an approach that fulfills GDPR compliance and the needs of good data management is data governance. A strong data governance program is vital to data visibility and oversight needed for GDPR compliance. It supports assessing and prioritizing data risks, as well as facilitating compliance verification with auditors, and helps manage the current state of your data, its evolving future state and its lineage through the data ecosystem. With the right data governance approach and supporting technology, companies achieve compliance using their current as-is architecture and data assets. With the correct governance, companies can comply while building a competitive advantage. Strategic, enterprise-wide data management driven by GDPR compliance will increase consumer trust, improve data quality and analytical processes, optimize operational efficiencies, and reduce costs. It will move the enterprise closer to being a data-driven business.

What are the benefits for the companies if they are GDPR compliant: easier business process automation; increased trust and credibility; a better understanding of the collected data; improved data management; protected and enhanced enterprise and brand reputation.

Are you personally liable as a senior executive? The GDPR does not hold directors and officers personally liable at the moment, however, most of the countries’ national laws make clear that if an offence is knowingly committed, or committed through negligence, that director, as well as the company, will be liable to prosecution.

Contact Us

Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.

Contact Us

Recent blogs

ISO 27001 Controls: A Comprehensive Step-by-Step Guide

Organisations in today's world filled with technology require a good information security setup and

Comparing Information Security Frameworks and Data Protection Frameworks

With cyber threats evolving at an unprecedented rate and regulations tightening globally, understan

EU AI Act Summary: Key Compliance Insights for Businesses

The EU AI Act is a pioneering attempt to regulate AI systems, striving for a balance between foster

Get Your Account Now

Setup in just a few minutes. Enter your company details and choose the services you need.

Create Account

Get In Touch

Not sure which option to choose? Call, email, chat to us

Contact Us

Stay Up-To-Date

Leave your details here and we’ll send you updates and information on all aspects of GDPR and EU Representative. We won’t bombard you with emails and you will be able to tell us to stop anytime.

Full Name is required!

Business Email is required!

Company is required!

Please accept the Terms and Conditions and Privacy Policy