'Most Innovative Startup 2020' by RSA - Watch the videoLearn More
In 2016, the European Commission replaced its long-existing Data Protection Directive with a modernised version, the General Data Protection Regulation (GDPR). The GDPR is based on the EU Charter of Fundamental Rights that considers the protection of personal data an individual’s fundamental human right.
The objective of the GDPR is to ensure the protection of personal information through a human rights centric approach and allow secure transfer of personal information within and across jurisdictions. At present, the GDPR is considered to be one of the best global practices in relation to data protection and privacy legal landscape.
The GDPR provides the following rights for individuals. However, each right has its limitations with respect to circumstances under which it will not be exercised. For example, any “manifestly unfounded or excessive” request of a data subject may be refused to be exercised by the controller, in particular, because of its repetitive character.
The General Data Protection Regulation is not specific to the European Union, but applies to any organisation operating within or outside the EU which offers goods and services to customers or businesses in the EU.
If we dive into the specifics, there are two different types of data-handlers this legislation applies to, known as the 'processors' and 'controllers'. The exact definitions of each are laid out in Article 4 of the GDPR
For non-serious infringements, fines can go up to €10 million, or 2% of the firm’s worldwide annual revenue from the preceding financial year, whichever amount is higher. This includes violations of articles governing:
For Serious infringements fines can go up to €20 million, or 4% of the firm’s worldwide annual revenue from the preceding financial year, whichever amount is higher. This includes violations of articles governing:
The multi-disciplinary practice to grow trust-equity of your brand and comply with privacy regulations.Get the Book
“By leveraging the PrivacyOps constructs from this book across our organization we were able to not only save time and money but also mitigate the risks associated with manual methods of privacy management.”
- Marty Collins, Chief Privacy and Legal Officer, QuinStreet, Inc
SECURITI.ai’s award-winning compliance solution revolves around the concept of PrivacyOps, which calls for utilizing robotic automation, artificial intelligence and machine learning to provide enterprises with a system that automates majority of compliance tasks, freeing up crucial resources for other areas of business.
SECURITI.ai helps businesses discover data over a web of internal and external systems, stitch a data graph to link personal data with each individual, conduct automated internal assessment of policies as well as third-party vendors, manage consent and do a lot more!
While businesses may hesitate to take the leap towards automation from their current manual methods with the fear of costs and change in infrastructure, it is evident that automation is truly the way forward. Automation will increase the ROI as well as increase productivity, lowering cost and improving accuracy, in other words, it will pay for itself and bring organizations a number of benefits along with it.
The GDPR stands for the General Data Protection Regulation
The GDPR went into effect on May 25, 2018
Penalties for non-compliance can go up to €20 million, or 4% of the firm’s worldwide annual revenue
The GDPR gives eight fundamental rights to the consumer which include:
According to the GDPR enforcement tracker, from July 2019 till date, the total GDPR fines that have been paid globally is €436,948,087
See how easy it is to manage privacy compliance with robotic automation.