What Is GDPR And Why Is It Important to My Business?

If you own a business, you’ve heard of the European Union’s (EU) enforcement of the General Data Protection Regulation (GDPR).  Despite the May 25thdeadline, some businesses are still behind in their compliance.  This regulation applies to any business that has business operations within the EU.  Hall & Company represents numerous international businesses, and our team of CPAs and tax advisors wants to ensure that our clients are compliant.

What is GDPR?

In the wake of the Facebook/Cambridge Analytica data collection storm, governments and consumers both sought tighter restrictions on protecting people’s data online. The GDPR regulations took effect May 25th.  The regulations are meant to ensure that people are able to control what and who is monitoring their information online.  There are also more strict guidelines regarding data collected in the EU and used in other parts of the world. Businesses that process or handle personal data must be built with data protection by design and by default.  What this means is that personal data can only be stored anonymously.  That data also must not be used publicly nor stored without explicit consent.

What Are the Fines?

Here is the list of the following sanctions for businesses that violate GDPR regulations from the EU’s website:

The General Data Protection Regulation (GDPR) provides the Data Protection Authorities with different options in case of non-compliance with the data protection rules

  • likely infringement – a warning may be issued;
  • infringement: the possibilities include a reprimand, a temporary or definitive ban on processing and a fine of up to €20 million or 4% of the business’s total annual worldwide turnover.

It is worth noting that in the case of an infringement, the DPA may impose a monetary fine instead of, or in addition to, the reprimand and/or ban on processing.

How steps do my business take?

  1. Understand the law
  2. Ensure that your team has a complete mapping of your data collections. This includes your website, any email software or digital communications that have access to consumer data
  3. Determine your data classification, and then analyze who has access to the data on your team
  4. Review your data policies
  5. Notify your customers about your updated privacy policy and that your business is GDPR compliant.

Hall & Company cares about our clients, and our team is already reading stories about claims of compliance violations by Facebook and Google.We want to make sure businesses are aware of GDPR and are compliant.  The consequences could have great financial impact if violations are found.

If you are a business in need of a CPA Firm, contact Hall & Company.   Based in Irvine, we specialize in the accounting, tax, and business advisory needs of small local companies to international corporations.


Leave a Reply

Your email address will not be published. Required fields are marked *