Investigating or responding to investigations can be complicated and challenging. But with a robust process and the correct team of professionals, the daunting task of securing data for an investigation can be brought under control.
As an organization doing business in multiple international jurisdictions, conducting an internal investigation or responding to an external probe will require, not only that you unearth the information necessary to mount your defense, but that you gather the data, preserve, handle or transfer it in accord with stringent laws and regulations that can vary widely from nation to nation.
The GDPR introduces a tiered penalty approach for breaches, where fines for breaches are much higher than under previous regulations, up to four percent of annual worldwide turnover or €20 million.
2019 has already seen two major companies, British Airways and Marriott, face steep fines for data breaches in which millions of customers had their personal data stolen. This will no doubt give organizations some pause for concern in order to make sure personal data is sufficiently secured but to also respond in mitigation to the level of fines imposed versus the severity of the data breach.
FRA Senior Director, Andy Hunniford, discusses how to handle this challenge in GIR’s Data Privacy and Transfer in Investigations publication as well as discussing how the current evolution of technology will change the face of white-collar law enforcement and related investigations and litigation.