With less than two weeks to go before the General Data Protection Regulation ( GDPR ) comes into force on 25 May 2018, only 33% of respondents globally stated that they have a plan in place to comply with the EU legislation. The average response of those in Europe was more positive, with 60% indicating they have a compliance plan in place. There is still much more work to be done in other markets, including Africa and the Middle East (27%), the Americas (13%), Asia-Pacific (12%), where significantly fewer companies indicated readiness for GDPR compliance.
IMPLICATIONS ON SINGAPORE ORGANISATIONS
The nature of the GDPR is that as long as an organisation collects data on people within the EU, shares data or sells products and services within the EU, they will be subjected to GDPR – even if they are located in Singapore.
A global study by Veritas Technologies reported that 92 per cent of organisations in Singapore were concerned about not complying with the GDPR when it comes into effect in two weeks; 56 per cent of businesses were afraid of being unable to meet the regulatory deadlines.
In Singapore, the numbers are higher than the global average, with 92 percent of all local organizations expressing concerns over the potential GDPR fallout, along with 20 percent who fear that their business could shut down due to non-compliance.
This is in the face of potential fines for non-compliance as high as US$21 million (or S$29.8 million) or four percent of annual turnover – whichever is greater.
“Whether businesses reside in the European Union (EU) or not, local and regional companies that deal with EU consumers or employees will have to comply or risk running into hefty fines as high as 20 million euros or 4% annual turnover, whichever is higher,” said Sheena Chin, Country Manager, Veritas, Singapore, in an email interview with Networks Asia.
As the EU’s largest commercial partner within Asean, many organisations in Singapore will be caught in the fold. Not only can a non-compliance result in potential fines of S$29.8 million or up to four per cent global annual turnover, whichever is greater, it will also do damage to an organisation’s reputation among a business’s most valuable resource – its customers. Local organisations need to sit up and pay attention to GDPR if they haven’t already done so.
Recent phenomena such as the emergence of fake news and multiple cases of personal information loss have led to trust becoming a largely coveted business currency. To that end, GDPR comes at an opportune time for organisations to foster confidence and trust with customers.
By upholding the data standards championed under the GDPR, organisations will be able to demonstrate an augmented sense of corporate responsibility. It is by taking such measurements to protect customer’s interests, that organisations can provide accountability and cultivate trust. Good privacy practices are fast becoming a valued commodity.
GDPR-aware companies will also be ahead of the wave as more and more jurisdictions modify their privacy legislations to be closer to the GDPR.
About Virogreen Pte Ltd
Virogreen (www.virogreen.net) is the global leader in electronics recycling and secured data handling. We have experience in comprehensive IT asset disposition and Secured Data Destruction services either directly or through acquired businesses. Virogreen provides disposition services for all types of retired electronic equipment to local, national and global customers in every business sector including data centers, healthcare, financial service and technical organizations.
Virogreen has the global reach, expertise, and infrastructure necessary to ensure our customers that all electronic devices are processed in a secure and environmentally responsible manner.
Virogreen international footprint of operations across 12 countries enables us to offer a global scope of services on a myriad of local fronts.