Gdpr Fines – Insolvencies Waiting To Happen?
Published November 2017
The General Data Protection Regulation (GDPR) research by Collyer Bristow is suggesting that up to 18% of businesses could be at risk of insolvency if they were found to be breaching the new GDPR provisions, set to come into force on 25 May 2018.
With the new regulations in place, organisations in breach of GDPR can be subject of fines up to €20 million or four per cent of their worldwide turnover, depending on which is highest. This will obviously have repercussions for the majority of businesses, even those with healthy profits.
The research also shows over half of UK small businesses are not familiar with the changes being brought about by GDPR, alongside one third of larger companies. So what can be done to help these businesses?
The obvious first step is to be aware of the new legislation and its impact. A good overview of the legislation, as well as updates and summaries, can be found at https://ico.org.uk/for-organisations/. Making sure that private data is dealt with in line with these guidelines should massively reduce the potential for any fines.
If the Information Commissioners Office (ICO) determines that GDPR provisions have been breached, they will look at the type of infringement that has taken place to determine the level of fine. Is the breach intentional or negligent? Some examples that may incur a top-level fine would be:
- Infringement of the rights of data subjects
- Failure to adhere to a subject access request process
- Basic principles for processing data, including consent
Lower tier fines could be based on:
- Not designating a Data Protection Officer within the business
- Not notifying a data subject of a personal data breach.
Where the fines are imposed on an individual rather than a corporate controller or processor, the ICO will take into account the person’s income and economic situation. This will undoubtedly assist those in a situation where a fine is a certainty.
If a business is concerned about the effect that a fine may have on its solvency, Cranfield Business Recovery is in a perfect position to advise and assist. Please contact Philip or Tony on 024 7655 3700 on a free-of-charge basis for more information.