In May 2018, the European Union’s General Data Protection Regulation (GDPR) will come into effect. It’s the most comprehensive piece of privacy legislation developed by any jurisdiction to date and goes beyond the requirements of Australia’s current privacy regulations.
The GDPR applies to any business that holds, controls or processes personal data of EU residents. Any Australian company that holds personal data of EU residents, whether they are customers or employees, is captured. So too is an Australian company that uses an EU-based third party to process data about EU customers, or one that uses EU suppliers and as a result holds data about EU residents.
Many Australian businesses are unknowingly impacted; however, it’s essential that they become compliant, as the consequences of not doing so are significant. As well as the financial impact, starting at fines of €20 million and going as high as 4% of global turnover, there are other risks. In this short video, Peter Malan, Leader, Digital Trust, provides an overview of GDPR, the key considerations and the questions board members need to be asking now.
Partner, Cybersecurity & Digital Trust, PwC Australia
Tel: +61 413 745 343