Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR), which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals that they store. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data, which is defined more widely than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create an environment of minimal data security risk and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe, at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 