Last week, the French data protection authority announced that it had slapped search engine powerhouse Google, with a $57 million fine for violating the European Union’s General Data Protection Regulation (GDPR). GDPR was designed to modernize laws that protect the personal information of individuals, while also providing users with more control over their information. Google was fined for failing to disclose to users how data is collected for personalized, targeted advertisements. Google’s hiccup marks the largest penalty since GDPR went into effect in May 2018.
Okay, so $57 million is not a devastating number for a company worth $767 billion, but regulators allege Google didn’t do enough to get valid user consent before targeting their buying experience. However, this type of penalty does more harm than simply digging into Google’s pockets. It also tarnishes the trust users have in the search engine brand. By blowing the whistle on their data mismanagement, more consumers will be inclined to check “no” on Google’s next cookies consent pop-up.
Driving a global change, GDPR presents significant policy updates to the practices in which organizations worldwide handle and secure personal data. GDPR requires firms to follow strict privacy rules created to keep data secure. So, whether your company operates in the EU – or does business with organizations that do – you need to ensure that your operations remain GDPR compliant.
Do you recognize how GDPR applies to the way your business manages customer information? Here are the top 5 things to know to ensure business compliance:
- Enforceable by law, GDPR data protection and privacy rules are being established as expected and necessary components of any interaction with customers, partners or constituents.
- Data protection is a requirement and must be essential to the design and implementation of information systems for compliance.
- Under GDPR, personal data includes but is not limited to, names, identification numbers, location data, internet protocol addresses, phone numbers, browser cookies, and more.
- The GDPR provides users with the following individual rights: the right to data portability, the right to rectification (changing incorrect data), and the right to be forgotten.
- Organizations found to be non-compliant may be subject to sanctions ranging from mandatory periodic audits and fines that include a maximum penalty of 4% of global revenue.
Demonstrated by Google’s mishap, non-compliance now carries more serious risk to organizations worldwide. Can your business quickly and efficiently respond to an individual’s request to eliminate data stored about him or her? Do you have the right content management tools in place to facilitate that request?
Square 9’s award-winning GlobalSearch document management software eliminates risk and enables your company to abide by GDPR regulations through efficient methods of capturing, storing, accessing and managing digitally stored data. Learn more about what information needs to be protected, and how to ensure your company is compliant by visiting info.square-9.com/gdpr-compliance today!