H&M has been hit with a $40m GDPR fine for illegally surveilling employees in Germany.

Francis Gaffney, Director of Threat Intelligence
InfoSec Expert
October 3, 2020 5:00 pm

GDPR is not just something else an organisation needs to comply with, but rather benefit from the behaviours GDPR is designed to encourage. Organisations shouldn’t view regulation such as this as a burden and should start to view it through the lens of their customers, partners, or employees. If someone trusts you with their data, you owe it to them to be completely honest about what data you are collecting and to protect it, know exactly how (and where) it is stored, and who can access that data.

Many organisations are having to pay penalties for such data breaches and it is only afterwards that the true cost of a breach is realised and those previously perceived potential savings from not investing in security and data management solutions are trivial compared to the significant financial penalties. Furthermore, it is often the case that the damage to the organisation’s reputation and branding dwarfs the fine imposed.
