Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Under the GDPR businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally for those who are currently caught by the Data Protection Act it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data which is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where the current consents do not meet the new GDPR then action will be needed.

The fines for non compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12 step planning guide to help organisations get ready ahead of the May 2018 deadline.

 

 

For further information and advice get in contact with our team at Decisive:IT who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

 

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 
Other items in Blogs
 
Stephen Malkin
21st January 2021 1-Mar-21: Are you ready for new VAT Domestic Reverse Charge rules for construction services?

VAT registered businesses working within the construction sector should be aware that new reverse charge VAT administration rules are being introduced wef 1 March 2021 (delayed from original October 2019 launch date). The Government announced in the 2018 Budget that they are trying to reduce missing trader fraud; where builders collect VAT from their customers…

Read More »

Richard Alecock
13th January 2021 Information on local business grants from West Suffolk Council

Find out the up-to-date information on local business grants from West Suffolk Council during the COVID-19 pandemic:   COVID-19 support for business – grants (westsuffolk.gov.uk)

Read More »

Jonathan Moore
8th January 2021 New lockdown grants to support businesses and protect jobs

On 5th January 2021 the Chancellor announced new one-off top up grants for retail, hospitality and leisure businesses worth up to £9,000 per property to help businesses through the new lockdown.   The one-off top-ups will be granted to closed businesses as follows:   £4,000 for businesses with a rateable value of £15,000 or under…

Read More »

Chris Kelly
8th January 2021 Wrongful Trading Liability Suspension – Renewed 26 November 2020

In March 2020 the Government temporarily suspended wrongful trading provisions until 30 September 2020.   The purpose of this measure had been to ensure that company directors could continue to operate during Covid-19 without worrying about becoming personally liable for wrongful trading.   On 26 November 2020, following the 2nd lock down, new legislation came…

Read More »

Jaimie King
4th January 2021 Coronavirus loan scheme deadline extended

On 17th December the government announced a further extension to the Coronavirus Business Interruption Scheme loans (CBILS) – meaning that businesses now have until 31st March 2021 (previously 31st January) to apply.   This welcome announcement means that more businesses will be able to enter the loan scheme, benefitting from the needed funds during these…

Read More »

Nick Edgley
18th December 2020 Don’t miss 31 January deadline for filing your Self-Assessment Tax Return

The New Year is approaching and so is the deadline for filing your Self-Assessment Tax return – January 31, 2021.  Our tax experts can ensure everything is completed accurately and submitted on time.   If you need help or advice with your tax return or any other accounting or financial matters, please contact your local…

Read More »