The EU states that “the Regulation is an essential step to strengthen citizens’ fundamental rights in the digital age and facilitate business by simplifying rules for companies in the Digital Single Market. A single law will also do away with the current fragmentation and costly administrative burdens, leading to savings for businesses of around €2.3 billion a year.”
One single law is instrumental to the riddance of the confusing situation where 28 separate member states all follow their own laws and regulations. Though the GDPR is very strict, once an organisation is compliant it can confidently do business across the EU. The hopeful expectancy is that this will lead to a significant administrative cost-saving.
Non-compliant organisations can face fines up to €20 million, or 4% of annual revenue – whichever is greater. These penalties are massive and can seriously harm organisations of any size. It stresses the importance of undertaking the considerable operational reforms required to be compliant when the day arrives.