The information Commissioner’s Office (ICO) has signalled that it will take the current circumstances into account when considering enforcement action under GDPR. However, the ICO will still expect employers to take appropriate action to protect information when working from home.
Of 23 personal data requests made to companies in the UK, 74% failed to address these requests from individuals seeking to obtain a copy of their personal data, within the one-month time limit required by the GDPR.
And, in the last year, fines totalling over £49 million have been issued to 91 companies around the world for failing to follow GDPR rules, including nearly £44 million against a single organisation. Although the European Commission did not levy the full 4% of the companies’ total global revenue, which they could have done, it’s still a sizeable sum.
If you want to put in place some simple steps to help your organisation comply with GDPR, here are a few guidelines: