Ramsdens
The General Data Protection Regulation (GDPR) is set to come into force in the UK on 25 May 2018, before the UK will have been able to leave the EU. It is therefore important for UK businesses to understand what GDPR is and how to prepare for and start complying with it, notwithstanding Brexit, particularly as new research shows many businesses seriously mishandle customer data and consequently are at a high risk of failing to comply with these new regulations.
Some of the key changes include:
1) Enhanced data subjects’ rights
2) Security breaches
3) Consent
4) Data Protection Officer
Who does it apply to?
The Regulations are intended to apply to any and all data held in respect of EU citizens.
If you are a UK business that processes or stores EU citizen data then these regulations will apply to you.
What do you need to do to be compliant?
With only two years to implement any procedures, forward planning is key!
Issues within your business to consider are:
- Review your privacy policies – are they clear and easily accessible?
- Prepare for data security breaches – do you have policies in place that enable you to react promptly to any breaches within specified time frames?
What are the consequences for non-compliance?
Penalties for breach include fines of up to 4% of annual global turnover.