What are the penalties for non-compliance with any applicable data protection laws?
Non-compliance with data privacy laws and data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective roles in the chain of personal data processing.
In Serbia, data controllers, data processors and data users with the status of a legal entity can be fined for breaching Personal Data Protection Laws in the amount of RSD 50,000 to RSD 1,000,000 (roughly 500-10,000 USD). In addition, the responsible person can be fined for a misdemeanor in the amount of RSD 5,000 to RSD 50,000.
HR Best Practices: Before processing personal data, make sure that you have received consent from employees (as needed) and approval from Serbia’s data protection Commissioner. In addition, take all necessary steps to protect employee and applicant data.
Led by PeopleDoc’s Chief Legal & Compliance Officer, the HR Compliance Assist team relies on a network of internal and external compliance experts and lawyers, including the global law firm Morgan Lewis, to provide clients with best practices and recommendations on topics such as HR document retention, employee data privacy, and HR electronic records. HR Compliance Assist also provides local compliance monitoring and alert services in select countries where PeopleDoc’s customers have employees. HR Compliance Assist is a service exclusively available to PeopleDoc customers.