72 Hours: The timeline of a GDPR breach
With the GDPR now in full effect, it is important to be aware of the consequences for businesses that have chosen not to comply with the new data protection legislation. Any company found not to be in compliance can face a fine of €20 million or 4% of its annual turnover, whichever is greater.
Because the stakes are so high, it is crucial that companies adhere to the GDPR. One main focus of the GDPR is data security.
A typical company holds several items of personal information relating to multiple individuals. The payroll department, in particular, is a hot spot for personal data. A payroll professional will have bank accounts, addresses and birth dates of every individual that they pay at their disposal.
Given how sensitive this personal information is, managing the data securely should be a high priority. Being unsure of, or second-guessing, the security of the data you hold and process is not enough to comply with the GDPR. Some businesses simply assume that the data they hold is stored securely until the unthinkable happens, such as a ransomware attack or a lost or stolen laptop.
Unfortunately, if this scenario does happen, then it must be reported to the authorities within 72 hours and can ultimately end in a non-compliance fine. The 72-hour window starts immediately after the business becomes aware of the breach. Worryingly, on average, a data breach goes unnoticed for 191 days and it takes an average of 66 days to contain that breach.
BrightPay’s new secure cloud add-on, BrightPay Connect, is designed to help payroll professionals ensure compliance with GDPR by offering a self-service portal.
BrightPay Connect takes the stress out of data security and GDPR as it works automatically in the background while you process payroll. You can be assured that your payroll data is backed up to a secure, highly encrypted cloud server.
Written by Cailín Reilly | BrightPay Payroll Software.