Since 2018, the increase in the difficulty of processing personal data derived from new national and European legislations has led to an increase in sanctions for breach of data protection in Europe, particularly in Spain. The Spanish Data Protection Agency (AEPD) has intervened over 295 times, each with a corresponding sanction, making it one of the most active data protection agencies in the European Union.
According to data published on the agency’s own website, it is estimated that the AEPD has collected approximately 23,462,000 euros in the first eight months of 2021. The penalties
Imposed on Spanish businesses have affected all types of businesses, without size distinction, due to infringements ranging from non-notified data breaches to emails without a hidden copy. This is in part because, as a result of remote working, all companies have been forced to adapt their operations systems to this new reality but they have failed to adequately update established policies and procedures.
Internationally, a few countries are joining the implementation and/or updating of data protection laws. Among them are China, which has already passed its data protection law (Personal Data Protection Law -PIPL-), and Singapore, which has updated its Personal Data Protection Act (PDPA).
At UHY Fay & Co we have a team specialized in helping companies comply with the different regulations regarding the protection of personal data to reduce the chances of non-compliance with the different regulations. If your company has not yet managed to properly renew its data protection strategy, we will be happy to assist you.