Expert Comment On H&M’s GDPR Fine

By ISBuzz Team
Writer, Information Security Buzz | Oct 03, 2020 08:58 am PST

H&M has been hit with a $40m GDPR fine for illegally surveilling employees in Germany.

Francis Gaffney, Director of Threat Intelligence
October 3, 2020 5:00 pm

GDPR is not just something else an organisation needs to comply with, but rather benefit from the behaviours GDPR is designed to encourage. Organisations shouldn’t view regulation such as this as a burden and should start to view it through the lens of their customers, partners, or employees. If someone trusts you with their data, you owe it to them to be completely honest about what data you are collecting and to protect it, know exactly how (and where) it is stored, and who can access that data.

Many organisations are having to pay penalties for such data breaches and it is only afterwards that the true cost of a breach is realised and those previously perceived potential savings from not investing in security and data management solutions are trivial compared to the significant financial penalties. Furthermore, it is often the case that the damage to the organisation’s reputation and branding dwarfs the fine imposed.
