GRTU welcomes the introduction of GDPR
As the General Data Protection Regulation comes into force GRTU Malta Chamber of SMEs would like to note that while supporting the rights of citizens and the importance to protect their personal data, we need to give more time for fuller implementation by businesses.
The aim of the GDPR is to bring all member states in line under one common regulation. The GDPR increases privacy for individuals and aims to ensure that personal data gathered is collected lawfully and with the individual’s full consent.
The new regulation also gives regulatory authorities more power to act on those who do not comply. In this regard, local authorities can now impose harsher fines with up to 4% of annual turnover or €20m, whichever is greater.
In order to prepare its members for this regulation and in light of the serious implications this regulation brings, GRTU has for the past months organised a number of information sessions, seminars and conferences for its members. Through these seminars, members were given the necessary information and tools to bring their business in line with this regulation.
GRTU, however, notes that the GDPR is unfortunately not the easiest legislation to comply to. It is cumbersome in many ways, failing to make a distinction between SMEs and larger organisations. Moreover, this regulation is also very subjective and in many ways open to interpretation.
Although GRTU believes that its members are doing their best to comply with this regulation, one cannot expect businesses to become fully compliant right from the start. GRTU joins the rest of EU employer organisations and encourages local enforcement authorities to guide above all and give out warnings rather than impose fines, during the first year of implementation. This is being proposed with full respect toward EU and local legislation and without the aim of undermining such legislation.
GRTU will remain available to assist its members throughout the process.