6 myths about GDPR that must be busted

6 myths about GDPR that must be busted

GDPR is not about sanctioning, but about putting citizens and consumers first. These and other myths about GDPR are misinterpreted. Here's a list of the most common ones.

Myth 1: GDPR is an unnecessary burden on organizations

Although the regulation requires more responsibility for the use of personal data, it actually only strengthens existing rights. GDPR builds on the foundations already known in the past. Basic principles such as security, transparency and respect for individual rights have already been anchored in the previous Data Protection Act of 30 April 2013.

Myth 2: All details must be provided as soon as personal data is violated

You must report a privacy violation without delay, if possible, no later than 72 hours after you become aware of it. Companies will have to provide all available data when reporting. However, GDPR says that if detailed information cannot be provided immediately, you can do so later.

Myth 3: All security incidents must be reported

As mentioned above, in the event of a personal data violation, such an event must be reported. However, if the rights and freedoms of people have not been compromised, you do not need to report it.

Myth 4: Data breach reports are a tool to punish organizations

The purpose of the Personal Data Protection Regulation is to increase the level of security and privacy in all spheres. Reporting aims to better prepare organizations to address security issues. The aim is to encourage companies to increase their ability to record and prevent personal data breaches.

Myth 5: Pre-ticked boxes in data processing consent are a sign of valid consent

Consent to the processing of personal data is one way to comply with GDPR. However, its legal basis must be clearly defined. This means that it is necessary to explain in clear and comprehensible language how, where and how personal information will be used. However, when confirming it, it is necessary to grant the freedom of choice whether or not we express our consent.

Myth 6: The fine will always be imposed and will be high

If companies are honest and admit their error without undue delay, they can avoid fines. In the event of a fine, the financial sanctions will be proportionate to the severity of the incident. There is no need to worry that for your minor offenses you will be immediately fined the highest possible fine, and that maximum amounts will become the norm.