“Every organisation or sole trader who processes personal information needs to pay a data protection fee to the ICO, unless they are exempt.”
| Data Protection Fee | Micro | SME | Enterprise |
|---|---|---|---|
| Turnover Band | Up to £632,000 | Up to £36m | Over £36m |
| Employees Band | Up to 10 | Up to 250 | Over 250 |
But there are also the costs of meeting the requirements of the legislation, and these will be unknowable as they depend entirely on the operations and approaches you use in your organisation.
It is these unknowable costs that will be far more than the data protection fee costs as they involve:
- enacting the legislation through the organisation,
- covering training,
- IT systems,
- set up time and costs, etc.
As well as this, there are the costs of following the rules:
- responding to queries,
- sending out information,
- following up requests to delete data/change data/report data,
- interacting with the authorities,
- insurance costs.
At this point the next step is to identify what it is you need to do to comply with the GDPR requirements. Let us know if you need any assistance on this.
All of these costs fade into insignificance against the potential cost of the loss of reputation from not fulfilling the GDPR rules correctly (which is far more than any fine, penalty or corrective action that may be officially applied).