What a Data Breach Policy Is and Why You Need One

Data breaches have always been disastrous, and new data privacy laws compel organizations to protect data subjects, making the impact of breaches even worse. A Data Breach Policy will help protect you.

Data and Privacy Protection Legislation

Organizations that hold or process personal data have duties placed upon them to protect and safeguard that data. Modern legislation typically includes restrictions on the selling and buying of personal data, and on the purposes behind the collection of the data. The data subject or consumer has rights related to their personal data, and further obligations are placed on organizations to uphold and service those rights.

Failure to comply with your local data protection or privacy legislation, or any similar legislation from other geographical regions that applies to you, will have serious consequences. The loss of trust by customers damages what is often an organization's greatest asset: its reputation.

Of course, there are more quantifiable damages too. Most legislation has the power to enforce financial penalties. Under the General Data Protection Regulation (GDPR), fines of EUR 20 million or 4 percent of the previous year's annual global turnover, whichever is greater, can be imposed for the most serious infractions. These fines are imposed by the data protection Supervisory Authority of the relevant European country, or by the European Commission if the violation affects the citizens of multiple countries.

The California Consumer Privacy Act (CCPA) also provides for fines to be levied for non-compliance. They are enforced by the California attorney general's office. There are civil penalties of USD 2,500 for each violation or…

The full story is available from How To Geek.