Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data, the definition of which is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 