GDPR - General Data Protection Regulation - is coming to the UK rulebooks imminently thanks to the Data Protection Bill currently coursing its way through our constitutional system; it was entered into our Parliament on 14 September 2017.
In practice, this means that the biggest overhaul of UK data protection laws in quarter of a century is upon us and time is running out for all of UK Business to get their data protection affairs in order before the Information Commissioners Office (ICO) commence their role as the official enforcement agency next year.
But what’s the big deal? I hear you say. Well in short, GDPR greatly strengthens the rights that individuals have in respect of their personal data and regulates what you and your company can do with that data. You are strongly advised to have an individual's consent or a strong legal basis for processing their personal data.
If you don’t - then you are open to a referral to the ICO and potentially a FINE of up to 20 million Euros or 4% of global turnover. This might not bother a start up - but it should certainly bother an established business looking to protect its reputation for the future. This sort of fine would likely have a huge impact on a business where profit margins are already tight. Even for a start up, would you like to be landed in hot water with the ICO?
Don’t let your bottom line get eaten away by a fine that is totally avoidable!
I recommend that businesses take a good look at their approach to data security, data processing and security before this new legislation comes into force on 25 May 2018.
Avoid being in breach of the new Regulations by taking a look at the personal data that your company holds (it goes much further than names and addresses - what about all those email addresses that you hold?) and what you are doing with it?
Further information on steps you can take now can be found HERE.
You still have time - contact us if you want some assistance with understanding your obligations. Call 020 8263 6063 or email email@example.com