How costly can non-compliance with the GDPR Regulation come out?

How costly can non-compliance with the GDPR Regulation come out?

The role of the GDPR was to give people more control over their personal data and also to inform who handles it and how. Companies should not take these regulations lightly, as they risk significant fines.

To what amount can fines for non-compliance with the GDPR be imposed?

Fines for non-compliance with the GDPR regulation can cost up to millions of euros. The amount of the fine may amount to up to EUR 20 million or 4% of the total worldwide annual turnover for the preceding financial year, whichever is the greater. In 2019, Google was fined € 50,000,000 for privacy violations.

We can focus on four main areas of the issue

1. A fine

The fine can range from a few hundred to millions of euros. The amount to which the fine climbs depends on the seriousness of the offense and its extent.

Cases from Europe show that the fine is not negligible, as was the case with British Airways or Austrian Post.

2. Correction of non-compliance and cost for incident investigation

The hidden costs may include money or time to investigate the incident, correction of non-compliance or even changes in security measures that are directly related to its solution. Investments that are made under pressure are inefficient. For example, we can include the purchase of technology before visiting the inspection office.

3. Compensation for damage

There was a case in the Czech Republic where a situation arose with compensation of 10,000 Czech crowns (cca 370 eur) for a leaked password. The cases mentioned above have climbed to millions, but the amount of these costs could potentially climb to billions of euros. Class actions can also play an important role, where victims will have a facilitated lawsuit process.

4. Communication and Public Relations

We must also not forget the price associated with communication with victims. In practice, we can see that appropriate communication at the right time also plays a key role. Proper timing and well-chosen communication can affect the extent of PR damage and also the amount of the fine. Communication with the public is not a negligible expense.

Any company that handles personal data must focus on GDPR

Fines for non-compliance with GDPR legislation are not negligible, the question is to what amount can the fine for non-compliance with GDPR be climbed? The necessary measures to protect personal data should not be neglected, as fines for non-compliance can be liquidating.