GDPR preparations gain momentum

February 15, 2018

 

With just three months to go until the new General Data Protection Regulation (GDPR) comes into force, all businesses should now have started planning how they will comply with the stricter requirements for processing personal data.

When the GDPR comes into force on 25 May, data protection laws in the UK will undergo their biggest overhaul since the Data Protection Act 1998. The changes will also apply throughout the rest of the EU, as the GDPR is an EU regulation. However, the UK has already announced that it will continue to comply with the GDPR after Brexit.

Some of the key changes to be introduced are:

  • The definition of “consenting” to the use of personal data has been narrowed, so that it will no longer be acceptable for individuals to give permission through pre-filled tick boxes, or by accepting a term that is hidden among other lengthy terms and conditions.
  • Organisations must be open and transparent with individuals about how and why they intend to process their personal data.
  • It will be compulsory for some businesses to appoint a Data Protection Officer to oversee their compliance with the GDPR.
  • There will be new requirements to keep written records of decisions taken about the processing of personal data.
  • The maximum fines for serious cases of non-compliance will increase to the higher of €20 million or 4% of an organisation’s turnover.

In practice, in order to comply with the GDPR, businesses will need to assess all of the personal data they hold (including marketing databases and details of current and former employees) to see whether they still have a valid basis for holding and processing it. If not, the data will need to be deleted if fresh consent cannot be obtained from each individual. Businesses should also review and amend their commercial and employment contracts and policies, or bring in new policies, ensure their staff are trained on how to handle personal data, and put systems in place for recording all decisions that are taken.

 

Read more

Contact Our Team

To speak to one of our experts today, please contact us on 02920 829 100 or by using our Contact Us form for a free initial chat to see how we can help.

Catherine Burke
Partner
View Profile
Damian Phillips
Partner
View Profile
Fflur Jones
Managing Partner
View Profile
Gareth Wedge
Partner
View Profile
Mark Rostron
Partner
View Profile
Nick O’Sullivan
Partner
View Profile
Owen John
Partner
View Profile
Rhodri Lewis
Partner
View Profile
Stephen Thompson
Partner
View Profile

What our clients have said...