The GDPR has introduced a tiered approach to fines, meaning that the severity of the breach will determine the fine imposed. Not having their records in order or failing to report any breaches to the authorities can be fined a maximum of 2% of their annual global turnover. The maximum fine a company can face is 4% of their annual global turnover, of €20 million, whichever is the highest.
What is Data Breach? A personal data breach is security incident that results in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or