Q How can my company ensure compliance with privacy law(s) while sharing data with third parties?

A To ensure privacy law compliance, consider the following while developing a third-party data sharing policy:

• legitimacy (lawful basis for sharing data);
• benefit vs. risk;
• whether you have rights to share the information;
• safeguards governing the data transfer;
• developing sharing protocol and agreements; and
• keeping the shared data up-to-date and accurate.

Q What are the potential penalties for failure to comply with a privacy law?

A Failing to comply with the privacy policies, and a resulting data breach, can lead to significant fines that vary with the degree of non-compliance, the efforts made to alleviate the damage, and the gravity and duration of the violation once discovered. The GDPR allows for fines of ten million Euros or two percent of the noncompliant firm’s worldwide annual revenues, whichever is greater, for less severe infractions. These fines can be doubled for more serious infractions. Additionally, being embroiled in a data breach controversy can erode trust among the customer base, leading to loss of revenue.
IP ESSENTIALS: DATA PRIVACY