by relaunched 2663 days ago
This isn't legal advice and I'm not a lawyer.

Your advice is kinda true, but your sentiment is dangerous. With all regulatory issues, you can get away with them up until you can't. However, the difference between crippling fines or jail or gross negligence is whether or not you made reasonable or better attempts to do the right thing. As a company, you never know when something terrible is going to happen, and telling people not to worry about it is dangerous and irresponsible.

That being said, compliance programs are put together based on best practices and litigation. The more litigation occurs, the better we understand the legislation / guidance that is often poorly written / defined. That's why GDPR / CCPA consultants are just best guessing - but, it always helps to have a reputable, 3rd party attest to the validity of your methodology - it shows that you tried hard to do the right thing. 3rd party audits are even better.

Trying to do the right thing is a cost of doing business - it doesn't have to be prohibitively expensive and it's part of doing business, responsibly.