[{"@context":"https:\/\/schema.org\/","@type":"BlogPosting","@id":"https:\/\/www.the-future-of-commerce.com\/2018\/02\/21\/3-gdpr-myths-that-could-cost-you-millions\/#BlogPosting","mainEntityOfPage":"https:\/\/www.the-future-of-commerce.com\/2018\/02\/21\/3-gdpr-myths-that-could-cost-you-millions\/","headline":"3 GDPR myths that could cost your organization millions","name":"3 GDPR myths that could cost your organization millions","description":"If you think that GDPR won't affect your organization, chances are, you're incredibly wrong.","datePublished":"2018-02-21","dateModified":"2023-01-24","author":{"@type":"Person","@id":"https:\/\/www.the-future-of-commerce.com\/contributor\/jason-rose\/#Person","name":"Jason Rose","url":"https:\/\/www.the-future-of-commerce.com\/contributor\/jason-rose\/","identifier":261,"image":{"@type":"ImageObject","@id":"https:\/\/secure.gravatar.com\/avatar\/dc2d976c71906ae54a3b4a7e0bf83893fb2617fc8f98dc36fe2bbce006be36c0?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/dc2d976c71906ae54a3b4a7e0bf83893fb2617fc8f98dc36fe2bbce006be36c0?s=96&d=mm&r=g","height":96,"width":96}},"publisher":{"@type":"Organization","name":"The Future of Commerce","logo":{"@type":"ImageObject","@id":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2023\/01\/logo-foc-schema-app-1.png","url":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2023\/01\/logo-foc-schema-app-1.png","width":172,"height":60}},"image":{"@type":"ImageObject","@id":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2018\/02\/thumbnail-07a82f96bda402efa07352bec36d57ce.jpeg","url":"https:\/\/www.the-future-of-commerce.com\/wp-content\/uploads\/2018\/02\/thumbnail-07a82f96bda402efa07352bec36d57ce.jpeg","height":375,"width":1200},"url":"https:\/\/www.the-future-of-commerce.com\/2018\/02\/21\/3-gdpr-myths-that-could-cost-you-millions\/","about":["Commerce Platforms + 
Software",{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/sales\/crm\/","name":"CRM","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Customer_relationship_management","http:\/\/www.wikidata.org\/entity\/Q485643"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/customer-experience\/customer-data\/","name":"Customer Data","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Customer_data","http:\/\/www.wikidata.org\/entity\/Q56278300"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/customer-experience\/","name":"Customer Experience","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Customer_experience","http:\/\/www.wikidata.org\/entity\/Q984142"]},{"@type":"Thing","@id":"https:\/\/www.the-future-of-commerce.com\/commerce\/trends-commerce\/","name":"Trends","sameAs":["https:\/\/en.wikipedia.org\/wiki\/Fad","http:\/\/www.wikidata.org\/entity\/Q787045"]}],"wordCount":752,"keywords":["Brands","Consumer Journey","Consumer Privacy","Data","Data Protection","Digital Trends","EU Data Regulations","GDPR","Google","Privacy","Privacy Laws","Retail"],"articleBody":"When it comes to GDPR, the European Union\u2019s General Data Protection Regulation, many organizations appear to be asleep at the wheel. 
If you think that GDPR won\u2019t affect you or your organization, chances are, you\u2019re incredibly wrong, and it could cost you and your company in tremendous ways.\n\nGDPR: The basics\n\nFirst, companies must be able to show compliance with GDPR by May 25, 2018. GDPR affects not only the EU nations, but all companies that keep data on EU customers, even if the company doesn\u2019t maintain offices or servers in the EU.\n\nGDPR affords customers in the EU protection for the following types of identifying information:\n\u2013 Racial and ethnic information, as well as sexual orientation\n\u2013 Identifying information, like names, addresses, and ID numbers\n\u2013 Health, biometric, and genetic data\n\u2013 IP addresses, cookie data, location, and RFID tags\n\u2013 Political leanings\n\nThe top 3 GDPR myths\n\n1.) A product can make you GDPR compliant\n\nThere is no product on the market that can make your organization GDPR compliant. The tools provided are meant to make the implementation of GDPR simpler by recording all information about customers in a single database.\n\nGDPR laws state that consumer permissions must be validly obtained, and that data collection and storage must be transparent. Customers in the EU will be able to demand a right to be forgotten, which means that they can ask organizations to erase all data that is held about them. 
Having this information in one location will greatly increase the assurance that your company is GDPR compliant.\n\nOther important facets of GDPR include the fact that consumers must be notified within 72 hours of a data breach, and that safeguards need to be put in place for protection of customer data, such as data protection risk assessments (DPIA).\n\nOne of the most important and overlooked aspects of GDPR is that the best system in the world won\u2019t work if employees are not properly trained.\n\nAll organizations will be required to appoint key positions to ensure that GDPR compliance is being met: data controller, data processor, and data protection officer (DPO).\n\nThe DPO is responsible for driving the GDPR strategy, including security measures and overall compliance. The data controller oversees how personal data is collected and processed, and ensures that outside contractors are complying with GDPR. Data processors can include members from your organization as well as partners like cloud providers. GDPR maintains that processors are liable for data breaches or non-compliance.\n\n2.) GDPR doesn\u2019t affect me\n\nThink of the analogy of a tree falling over in a forest: If nobody hears it, does it make a sound? This is very similar to GDPR: If the EU passes a privacy law, can anybody in the US hear it?\n\nGDPR will be funded by a concept very familiar to most Americans \u2013 ticket book motivation. Imagine GDPR as a quaint town that derives most of its income from speed traps that are set throughout. Unsuspecting drivers pay large fines for violating traffic laws that are strictly enforced. GDPR operates much the same way \u2013 organizations will face steep penalties for not following the rules.\n\nAny organization that believes GDPR doesn\u2019t affect them might have a big surprise come June of 2018. 
Even if your company doesn\u2019t have servers or a business presence in the EU, you must comply with GDPR if you:\n\u2013 Process personal data of EU citizens or residents\n\u2013 Have more than 250 employees\n\u2013 Have fewer than 250 employees, but regularly collect and process personal data of citizens\n\nFrom purchasing a product, to newsletter subscriptions, to promotional offers, each facet of customer interaction requires that GDPR compliance is met.\n\n3.) GDPR won\u2019t be taken seriously\n\nIf you think for a moment that GDPR won\u2019t be strictly enforced, you are setting your organization up for an incredible and expensive shock.\n\nFor instance, prior to GDPR, Equifax could have been fined $27 million for the stunning data breach which exposed the personal, identifying information of over 143 million consumers. After GDPR, Equifax could face over $125 million in fines.\n\nGDPR penalties for non-compliance can be steep: Up to $20 million, or 4% of global revenue, whichever is higher. All indications are that GDPR will be strictly enforced, and that companies that aren\u2019t demonstrating compliance will serve as the first examples of the very serious nature of this law.\n\nGDPR myths could cost your company millions. 
You want to be prepared, and you want to start preparing now."},{"@context":"https:\/\/schema.org\/","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"2018","item":"https:\/\/www.the-future-of-commerce.com\/2018\/#breadcrumbitem"},{"@type":"ListItem","position":2,"name":"02","item":"https:\/\/www.the-future-of-commerce.com\/2018\/\/02\/#breadcrumbitem"},{"@type":"ListItem","position":3,"name":"21","item":"https:\/\/www.the-future-of-commerce.com\/2018\/\/02\/\/21\/#breadcrumbitem"},{"@type":"ListItem","position":4,"name":"3 GDPR myths that could cost your organization millions","item":"https:\/\/www.the-future-of-commerce.com\/2018\/02\/21\/3-gdpr-myths-that-could-cost-you-millions\/#breadcrumbitem"}]}]