On International Data Privacy Day, we decided to take a look at the most relevant events in 2021, with the bridge to what is expected of the year 2022 with regard to Data Protection and Cybersecurity.
While the emergence and spread of COVID-19 in the first quarter of 2020 put business concerns about gdpr in the background, the current dependence on technology and digital has pushed cybersecurity and data protection to the top of the decision-makers’ agenda.
In 2021, at European legislation level, we highlighted the adoption of the Digital Markets Act and Digital Services Act,which aim to create a more secure digital space in which the fundamental rights of users of digital services are protected. In addition, this new legislation aims to promote a fair digital space by prohibiting certain unfair practices of the technology giants, offering freedom of innovation in digital products, fairer prices, quality and consumer choice.
2021 was also the year that recorded the highest amount of fines imposed for personal data breach: amounted to 1 billion euros, with the top 3 occupied by Amazon (746M€ ), Whatsapp (225M€) and Google (50M€).
In Portugal, the ‘Russiagate’ case stands out, which resulted in the application of a fine of €1,250,000 to the Municipality of Lisbon for violation of several provisions of the GDPR, namely lack of lawfulness, violation of the principles of data minimization and retention, and non-compliance with transparency obligations.
But 2022 also began with an alarming case of personal data breach that involved the Impresa group and called into question the operation of important media, such as SIC or Expresso.
According to data from the GDPR Small Business Survey,about half of small businesses in the EU fail to comply with the Regulation. This study also reveals that many managers do not have knowledge about basic concepts of data protection, such as encryption, for example. Interestingly, about half of respondents invested between 1,000 and 50,000 euros in GDPR compliance, although many believe regulators will not focus on small businesses. On the other hand, they recognise that SMEs are the most exposed to the risk of a fine because they do not have a sound organisational structure and legal support.
How can Moneris help?
At a time when the protection of personal data and cybersecurity go hand in hand, it is important to conform your organization to the new rules imposed by the GDPR in a systematized and holistic way.
Implementing control tools and specific procedures for the management and protection of the data of your customers and employees requires not only a comprehensive knowledge of the new legislation, but also a technological and cybersecurity aspect, essential to ensure the conformation and security of your organization.
Therefore, Moneris brought together a team of experts and partners, with proven experience and know-how, to build turnkey projects that cover all relevant areas with a process designed to suit each company, taking into account the specificities of each organization.
Take advantage of our Special International Data Privacy Day special offer: schedule an exploratory meeting with our team and we offer GDPR Compliance Diagnosis free of charge to the first 10 customers!
We are available through the contacts: bdevelopment@moneris.pt | 210316400.