The GDPR Temperature Tool - A new free resource for European SMEs to understand their risk of GDPR-related sanctions

Home » News » The GDPR Temperature Tool - A new free resource for European SMEs to understand their risk of GDPR-related sanctions

The GDPR came into force in May 2018 with a blaze of publicity but 18 months on, still many businesses are unclear on how at risk they are from GDPR-related sanctions. The vast majority of business leaders believe that it is essential to comply with the GDPR, especially as companies can risk crippling fines. Indeed, while many companies did act when the regulation came into force, this was often to cover the absolute minimum areas of compliance. Therefore, their risk to sanctions has not disappeared.

But how can companies and in particular SMEs really understand how at risk they are to fines and what they should do about it?

The EC-funded H2020 project cyberwatching.eu has launched the GDPR Temperature Tool, to help European SMEs understand just how at risk they are to sanctions or fines. By answering a set of questions on data processing activities, the tool provides an indication, or temperature, of a company’s risk to sanctions. The higher the temperature, the higher the risk. In addition, a free a customised set of practical and actionable recommendations is provided.
The whole process takes around 15 minutes so well worth the time, especially when the recommendations come directly from ICT Legal Consulting, a law firm with plenty of expertise in the area.

The GDPR temperature is an awareness tool which helps SMEs, though a practical self-assessment, to understand their exposure to risk of sanctions due to GDPR violations and act accordingly in order to improve their compliance posture.”  says Paolo Balboni, the lead creator of the tool and founder of ICT Legal Consulting, partner in cyberwatching.eu.
The need for a more proactive rather than reactive approach is echoed by Sebastiano Tofaletti, Secretary General, Digital SME Alliance which is also partner in the cyberwatching.eu project. "GDPR rules are setting the global standard for personal data protection. European digital SMEs are at the forefront of these developments, extending GDPR-compliant solutions to all economic sectors. However, the SMEs in more traditional sectors reportedly lack the understanding of GDPR and look for solutions only after the breach happens. Thus, it is very important for every SME to have simple means of evaluating the compliance and risk of sanctions, and to understand the need for further assistance before any violation occurs".

The tool can be used as an important preliminary step for SMEs to facilitate their understanding of where they stand with respect to the GDPR in terms of “risks to sanctions”. Balboni stresses though that the SMEs should not only evaluate the risk of sanctions but, complementarely and more importantly for compliance purposes, SMEs are requested to assess the risks that their data processing activities pose on individuals.
Assessing risk is an essential process that all companies need to take action on. Risks vary in likelihood and severity for rights and freedoms of natural persons posed by the relevant processing activities. It’s vital for companies to keep on top of this and design data processing activities that are legally and ethically respectful of individuals".

The GDPR Temperature Tool is available through the cyberwatching.eu website here: gdprtool.cyberwatching.eu

News

The digital era is creating numerous new opportunities for SMEs across Europe. But, at the same time, it introduces new cybersecurity and privacy challenges which can lead to business disruption and financial impact. From 28th to 30th of January visit our stand for free at FIC2020 in Lille, France, and get independent advice from Europe’s leading innovators.

Future Events

“Securing The Law Firm” will cover key subjects for an audience of professionals tasked with safeguarding digital assets and sensitive data. There will be real-life case studies, strategic talks, and technical break-out sessions from security teams behind some of the world's most admired brands, who know that security is now more important to business than ever.

23/01/2020

The European Network for Cybersecurity (NeCS) PhD School was launched in response to the increasing need of highly qualified experts in cyber-security. The School addresses the issues of training and development of talented junior researchers as indicated in the European Cybersecurity strategy and highlighted in the EC's Digital Agenda.

20/01/2020 to 24/01/2020