French businesses urged to have compliance plan for GDPR

Businesses operating in France will need to have a compliance plan in place if they want to avoid potential sanctions for breaches of the EU’s General Data Protection Regulation (GDPR).

Commission Nationale de l’information et des Liberties (CNIL), the French data protection authority, would be likely to consider the steps businesses were taking towards compliance in determining whether to take enforcement action once the GDPR begins to apply. This is because most businesses in France are unlikely to be fully compliant with the GDPR by 25 May this year, the date on which the new Regulation takes effect, she said. Richard said it was welcome that the CNIL had recognised this fact in a recent statement.

Source: French businesses urged to have compliance plan for GDPR

>