With a record number of data breaches last year and a steady stream of new revelations about misuse of data, you may think that you have heard all that 's wrong. you have to know about data breaches.
You would be wrong.
Now that the General Data Protection Regulations (GDPR) is fully implemented, there is another way for businesses to break the data privacy laws. GDPR is a vast set of rules governing the processing of personal data of members of the European Union, no matter where it is located. It came into force in May, and violations are punishable by considerable fines – up to 4% of a company's annual business turnover, or 20 million euros. (whichever is greater).
What is a violation under GDPR?
GDPR defines it as a "breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to personal data." According to GDPR, entities have only 72 hours to notify a supervisory authority, which is also known as a data protection authority (DPA). Data controllers are required to report violations to the authority, while processors must report them to their controllers.
[Read the full article on MarTech Today.]