Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals that the business stores. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The definition of personal data to which the GDPR applies is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 