All businesses and organisations in the UK must be fully compliant with the new General Data Protection Regulation (GDPR) by the time it comes into effect in May 2018.
The GDPR will change the way your business can collect, use and transfer personal data. Not only will you need to know where data is stored, you may also need to change the way it is collected. And, subject access requests will have even shorter timescales as fines for non compliance will hit record levels.
The GDPR sets out to harmonise data protection regulations across Europe. So the recent referendum result may cause some to wonder whether it will still come into effect. However, despite all the general uncertainty at present, this is one area where we can make some firm predictions.
This week, the Information Commissioner’s Office have issued a Press Release confirming that they still intend it to come into effect in May 2018, whether or not Brexit goes ahead.
This is for two main reasons for this. Firstly, our Information Commissioners Office has believed for some time that there are many areas of the current data protection legislation (such as consent) that need to be improved. They were fully behind the implementation of the GDPR and their support for it has not changed.
The second reason is that currently any EU based personal data can only be transferred easily either within the EU or to countries on a ‘white list’. To get on the white list your legislation must offer equivalent protection to that given to data in the EU – so we are back to implementing similar, if not identical legislation, to the EU member states – the GDPR. The UK will need to be able to continue to trade with the EU and data is an important part of that trade.
So the GDPR is still set to replace the Data Protection Act in May 2018, regardless of Brexit.
As your business will need to be fully compliant with the new legislation by May 2018 and you may well need to make quite a few changes, you should start planning now. The clock has started ticking.
The GDPR is wide ranging. You can read the full text here (http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32016R0679 ) and watch our new video which sets out the nine steps you should start taking right now. https://vimeo.com/user53548371)
Probert Legal are experts in data protection law and the GDPR. We can help you assess the full implications for your own business and develop an action plan so you can relax in the knowledge you will be compliant with the new legislation.
Contact us today for an informal chat about how we can help. Call 01392 345400 or email
You can also follow the Blogs on our website to stay up to date with the latest developments. www.probertlegal.com