It has now been one year since the General Data Protection Regulation (GDPR) has been in effect. Titled as a transition year, companies across the globe struggled to adjust and comply with the new law. Though companies and governments were given time to prepare for the new data assessments and procedures, there was still a level of uncertainty pertaining to the exact degree of preparation and readiness to prepare for the new law. Now, let’s step back and take a look at what has come as a result.
In just a single year, the European Data Protection Board (EDPB) and data protection agencies have issued fines totaling €56 million from more than 280,000 cases. That is roughly fines of €4.6 million and 23,000 cases per month. GDPR did not come quietly as some might have expected.
We believe this is just the beginning of the enforcement procedures since last May. While many of the cases and fines will not be as notable as Google’s €50 million last year, the amount of cases being processed will provide more than enough justification to ensure GDPR compliancy—or even double checking. Just in case.
From day one, cross-border cases run a current total of 446 cases. According to the EDPB, 205 of those cases led to One-Stop-Shop (OSS) procedures. So far, there have been 19 final OSS outcomes.
Though data breaches are more likely to garner all the attention, there are far more complaints about other aspects of privacy regulations. Around half of the complaints relate to the way subject access requests were handled.
The massive increase in reports of data breaches in the first year are astounding, as is the rate at which these cases are being processed. Over 60% of cases are already closed, with only 0.1% of them being appealed in national courts. That means justice is being served quickly and efficiently.
This is a quick overview of what has occurred since last May because of GDPR. Here is a report (pdf) of a more in-depth analysis of what happened in the first nine months of GDPR, which came out at the end of February.
With time and experience with GDPR now under our belts, it is an excellent opportunity to review company procedures of handling private data.
There are many different characteristics regarding GDPR, it is better to be safe than sorry. Now is a favorable time to inspect, test, and assure the adjustments and changes to meet compliancy are in full effect. At Appglo, we make sure companies are compliant with every aspect of GDPR so there are no surprises later on.
Call us today for a free demo to ensure GDPR compliancy, or simply to learn more about how GDPR affects your company.