FTSE 100 and Fortune 500 firms could end up forking out up to £800 million to review contracts and ensure compliance with the General Data Protection Regulation (GDPR), according to a report published by legal tech firm Axiom.
Many companies are currently planning for this. However, getting ready for the GDPR introduction date of May 25 2018 will not cost every firm a large amount of money. Costs of compliance very much depend on what procedures are currently established, and what scope of personal data a company manages.
Cost Considerations of GDPR Compliance
One of the major costs for any firm will be auditing the data that they currently store, to make sure that it adheres to GDPR regulation.
This could be a massively expensive exercise, depending on the amount of data managed. Firms with more than 250 workers will also face the cost of employing or training a data protection officer (DPO), if there is not already one established, as stated in GDPR.
Though the costs of complying with GDPR might seem high, the cost of non-compliance penalties will be significantly higher. There will be a system of financial sanctions, including a maximum potential fine of €20m, or 4% of yearly turnover, whichever is larger. There is also the cost of reputational damage to think about. Any firm which experiences a data security violation is in danger of suffering this type of damage.
Any firm which is balking at the investment in GDPR compliance is in danger of encountering far larger costs due to non-compliance.