Without Quick Compliance Measures, Companies Are At Risk
BRUSSELS, BELGIUM, March 18, 2021 /EINPresswire.com/ — A recent webinar held by Anonos, a leading provider of GDPR-Pseudonymisation software, revealed that GCs, CPOs, and DPOs perceive a high-risk level from the Schrems II judgement. 89% of the webinar participants described the potential of terminated data processing under Schrems II as either “catastrophic” or “serious” for their business. Moving away from fines-based consequences, the risk of termination of data flows under Schrems II would mean severe disruptions for companies found to be non-compliant.
Recently, Anonos released a ‘quickfire’ quiz intended to help businesses determine whether they satisfy new Schrems II requirements. The quiz provides a 1-minute assessment with two simple questions so that organisations can quickly identify potential next steps they may need to take.
Gary LaFever, General Counsel and CEO of Anonos, explained that: “Many businesses may be unaware that they are not compliant, as typical business practices such as using US-provided cloud services are now unlawful without new and additional technical measures to protect EU personal data.”
Boards and C-Suite executives need to be briefed on the consequences of Schrems II for business predictability of operations. Anonos released a Board Risk Assessment Framework earlier this week, which GCs, CPOs, and DPOs can use to help brief Boards and executives on the risks that have arisen as a result of Schrems II, including risk of business disruption, and the risk of civil and criminal exposure for Board members..
The Risk Assessment Framework also summarises the critical and technical aspects of the Schrems II judgment and its new requirements. With most legal and privacy executives seeing “catastrophic” or “serious” results of non-compliance, Boards who do not take action may be putting themselves and their companies at a significant disadvantage.
European Data Protection Board (EDPB) guidance has already provided organisations with key requirements for new technical measures, including the implementation of GDPR-Pseudonymisation for protecting data in use, and encryption for protecting data at rest and in transit (see article: https://www.linkedin.com/pulse/edpb-schrems-ii-guidance-highlights-supplemental-measures-lafever/).
Compliance steps should be undertaken with urgency, as a significant amount of time has now passed since the Schrems II judgement. Gary LaFever added: “Many businesses are beginning to implement GDPR-compliant Pseudonymisation technology as recommended by the EDPB to protect data when in use. Others still need to get started. Anonos provides a wide range of materials to help them get up to speed and figure out how to avoid potentially catastrophic business consequences.”
Schrems II Resources:
Join the Schrems II Linkedin Group with over 4,800 of your colleagues: https://www.linkedin.com/groups/12470752/
Are you Schrems II Compliant Quiz (in 2 questions): https://www.anonos.com/TakeTheQuiz
Schrems II Knowledge Hub: https://www.SchremsII.com/KnowledgeHub
Source: EIN Presswire