The road from the industrial to the information society takes us on data highways, already data is one of the most important raw materials in the 21st century. Our business life is already characterised by the extensive collection, processing and use of personal data. The development of new, forward-looking digital products in the industry 4.0 will require the processing of personal data in all sectors of the economy. Successful digital products are the key to new markets; they generate and secure competitive advantages.
Companies therefore have no choice but to make data privacy and data protection law a core field of their corporate governance. This is the only way to ensure sustainable corporate governance. This encompasses employee data, including social and health data, customer data, third party and service provider data as well as competitor data and other types of personal information.
In addition to opportunities, there are also risks. Besides protecting against attacks from third parties, the training, integration and motivation of employees is crucial to a company’s data protection. Are your employees sufficiently trained in the handling of relevant data? How can you avoid dissatisfied or terminated employees causing a data leak? The resulting serious disadvantages in competition as well as the damage to your company’s reputation among customers and the general public cannot be overestimated. This is already demonstrated by common cases of data theft, hacker attacks or poor data management.
The EU General Data Protection Regulation (GDPR) will apply in the European Union as of 25 May 2018. The guiding principles of European data protection law are regulated in 99 articles. Companies processing personal data in the European Union, irrespective of their domicile, must comply with the following basic principles defined in the GDPR:
The General Data Protection Regulation, which is directly binding for all companies and public authorities, establishes a strict sanctions regime in which fines of up to 20,000,000 EUR or 4% of the total worldwide annual turnover of a company can be imposed.
The new version of the German Federal Data Protection Act (Bundesdatenschutzgesetz; BDSG) will enter into force at the same time as the General Data Protection Regulation implementation law in May 2018. Here, too, the legal framework is being changed, which companies must take into account.
Our team of data privacy experts has many years of extensive and practical experience in advising, developing and implementing data protection instruments that enable companies to implement active and proactive data protection management, such as:
The Buse Heberer Fromm data privacy team is at your disposal to help you achieve your business goals. We help you to prevent legal data protection risks before they arise. In the event that data protection is violated, we support you in quickly identifying dangers and neutralising them in the long term.
Based on our team members’ extensive operational experience, we implement strategic, flexible and proven concepts that meet the highest standards and quality requirements. In this way, our clients are able to meet the data protection requirements – in Germany, the European Union and worldwide.