UK Information Commissioner calls time on GDPR non-compliance
By Sarah Pearce
2019 was expected to be the “year of the data breach”, or more specifically, the time we would see the real impact of the GDPR in the sense of regulatory authorities starting to make use of their hefty new powers under the regulation. We anticipated, in
The message is clear – any unwritten grace period for compliance is over. It is no longer enough for companies to say they will or are taking steps to comply; the accountability principle is live – you either comply or risk being caught out and subject to the sanctions that the regulators are not afraid to impose. The Information Commissioner further reinforced the idea saying, “for those who do not take this responsibility seriously or those who break the law, we will act swiftly and effectively.”
Now is the time to ramp up your compliance programs if you have already started – and certainly get them well underway if you have not. It would also be advisable to refresh and audit your compliance given the passing of the one-year anniversary.