What are the penalties for non-compliance with the GDPR?
In Maryland, non-compliance with the GDPR, or General Data Protection Regulation, carries penalties for both businesses and individuals. For businesses, the first penalty for non-compliance is a warning notice, issued by the Data Protection Agency. The notice will specify what data protection rules or regulations were violated and give the business an opportunity to correct the breach within a certain timeframe. If the business fails to do so, it may be subject to administrative fines of up to 20 million Euros, or 4% of annual global turnover, whichever is higher. Individuals may also incur penalties for non-compliance with GDPR. Individuals who violate the GDPR may be liable for damages to those affected by the violation, or for fines of up to 10 million Euros, or 2% of their annual global turnover, whichever is higher. The GDPR also allows data protection authorities to impose corrective measures, such as ordering a business to cease the processing of data until the breach is rectified, or to take specific steps to ensure the data subject’s right to information. In addition, data protection authorities may also order data controllers to disseminate messages informing the public of the infringement and the measures taken. Finally, GDPR allows for orders to publish corrections of inaccurate data, as well as orders to erase data. The main goal of the GDPR is to protect the personal data of citizens, and fines and corrective measures are meant to uphold this goal.
Related FAQs
What are the best practices for protecting customer data in mobile applications?How can businesses handle customer requests for data access and rectification?
What are the obligations of companies when transferring customer data?
How can businesses protect themselves from privacy law violations?
What legal obligations do companies have when using customer data for marketing purposes?
What are the consequences of failing to comply with privacy laws?
How can businesses create policies to protect their customers' personal data?
How do companies ensure compliance with privacy laws when collecting customer data?
How can companies protect customer data when using IoT devices?
How can companies ensure compliance with privacy laws when using customer data?
Related Blog Posts
How Can a Business Mitigate Its Risk of a Privacy Lawsuit? - July 31, 2023Critical Steps for Businesses to Take for Privacy Compliance - August 7, 2023
The Basics of Privacy Law: Everything You Need to Know - August 14, 2023
Data Protection and Privacy Law: What You Need to Know - August 21, 2023
Privacy Law: What You Need to Know to Protect Your Business - August 28, 2023