Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR), which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals that they store. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR's definition of personal data is wider than that under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe, at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 