Despite the noise that is being made with the entry of the new General Regulation for the Protection of Data (General Regulation of Data Protection, GDPR), in Spain, still 55% of the companies have not been put to work for fulfill it.
On May 25, 2016 the GDPR went into effect and from May 25, 2018 will begin to be applied and it will be mandatory for the States of the European Union, institutions, companies and organizations that deal with personal data. However, today and, despite having given a period of 2 years for its adaptation, more than half of the Spanish companies are not yet ready.
This especially affects SMEs because they do not have the necessary resources that large organizations could have. The lack of knowledge of it is so high and worrying that, according to a study by WatchGuard, 37% of the companies surveyed still do not know if their company needs to comply with the GDPR , while a 28 % think that your organization does not need to comply with the regulation at all, which should be checked.
Against this data, only 10% of companies think that they are ready and 100% comply with the GDPR being ready for it, a rather low percentage if we take into account that only 46% of companies seek external help to adapt .
Seeing this data demonstrates the lack of knowledge that exists in this regard despite the fact that there are 8 months left for its entry into force and there was a period of 2 years to be able to make a progressive and adequate adaptation.
It is important to inform and offer all possible help to companies to adapt to the GDPR and the LOPD and its respective regulations, which should not be forgotten that they will remain in force and coexist together with the new regulation in areas that do not contradict the GDPR, as R3 Cybersecurity is doing, offering the adaptation service to the legal framework of the European Union .
We remind you again that those companies that do not strictly comply with the regulation can be sanctioned with fines of up to 20 million euros or 4% of the company’s annual global capital , or even incur liability criminal law for those responsible for companies. Some very important sanctions, taking into account that an adaptation in time would not cost a quarter of what could be the sanction by the National Control Authorities.
Therefore, we encourage companies to seek help from companies that are experts in the sector and adapt as soon as possible to the new European regulations.
Silvia López | Legal Adviser in R3 CyberSecurity