GDPR: 25 May Comes! What is going to happen from 26?

It's the question that seems to be on the minds of many in data protection circles: What will happen on May 26? For those who don't understand her , let us remind you that the General Data Protection Regulation (from the General Data Protection Regulation or GDPR for short) is going to come into force on May 25.

So many are wondering what will happen after the new regulation is implemented. Of course, the EU and the Member States are reportedly taking the data protection very seriously, but so far, we have not seen any striking changes in the measures to be taken for the new regulation. GDPR

Some would argue that this is due to the fact that many countries have neglected to give data protection laws to law enforcement and thus essentially will not have immediate some control mechanism.
But GDPR is coming and bringing new rights to , new data breach notification obligations and many other operational issues that companies will likely struggle to address.

The data protection authorities (DPA) expect everyone to implement the law quickly, but no one has said what will happen from day one… Will they start handing out fines immediately? Will there be many fines? Will fines be DPA's main tool for enforcing and introducing the GDPR?

Below we will see what you can do from 26 in May if you are not yet ready to fully adopt the new regulation:

First of all, do something to show the effort. Even if you're not ready for full GDPR adoption, it won't be a problem. Will there be a grace period? We hope so, although some authorities explicitly state that there will not be. Of course, the necessary curve should be taken seriously of the new regulation, but this lies at the discretion of each Authority. However, it is important to start today, not tomorrow.

If an authority invites you and you can prove that you have started the path, it will go a long way.

Secondly, immediately update the Privacy Terms of Service and tell your customers what you do with their data. Also make sure to let them know about their rights as described in GDPR.
Transparency will be a key priority of implementation, it will be the key. Rights can not be exercised if there is no transparency.

If you collect data and do something with what your customers do not know, you better stop it, not tomorrow, today, or at least 25 May. You are legally required to have a Data Protection Officer. Make sure you have a name and publish your contact information.

Third, make sure you ask for help. Some of these problems are really hard to solve. If you have a problem, do not pretend there is not. Do not hope you will not notice it. Contact your local DPA and ask that you do not understand. Better to disturb you than to disturb you.
Although not all EU data protection authorities are equally cooperative, the GDPR should be implemented. The given grace period mentioned above may not exist in some countries:
"There are no grace periods," said the Austrian DPA and Andrea Jelinek, "because grace periods were already the previous two years. You had two years to take the necessary steps. "

Surely there will be fines and they will be important. Strict fines will of course be imposed on companies that intentionally insist on violating the law.

There will be warnings, and investigations will be conducted before the fines. However, companies that show a willingness to comply and cooperate will be better treated by the authorities. Initially at least…

____________________

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).