General Data Protection Regulations (GDPR)

The European Parliament adopted the General Data Protection Regulation (GDPR) in April  2016. It will change the regulatory requirements for personal information and comes into force in May 2018. Penalties can be issued for data breaches or failure to demonstrate compliance.

The aim of the GDPR is to create a legal framework for the use of personal data that is fit for purpose, both now and for the future. Businesses have new responsibilities, including the need to obtain much clearer consent for using data and ensure suitable security is built into all business processes and systems.

The Business Guide to the General Data Protection Regulation (GDPR)

What businesses need to know about GDPR

The General Data Protection Regulation (GDPR) will replace the Data Protection Act (DPA) in May 2018.

Why does the DPA need to be replaced?

The DPA was implemented in the 1990s when there was no social media or cloud computing. It does not reflect our lives online and how modern business operates; we need better ways to protect personal data and the use of it. Many of the principles are much the same as those in the DPA, so if you are complying now then most of your approach remains valid.

Does Brexit make a difference? 

No, we will still be in the EU in May 2018. After the UK leaves the EU something very similar to the GDPR will be required if we want to trade with the EU and other countries. If you do business with the EU or hold the details of any EU citizens, you will need to comply with all the GDPR requirements after Brexit. In addition, the government has indicated that something similar will be required for both UK and EU citizens, it's expected that the principles will apply to UK citizens and those trading with the EU.

If I ignore it what will happen?

You will not be complying with a legal aspect of running a business. Nothing may happen, but you could be face financial penalties. Not just for a data breach, but for failure to show you have taken steps to comply with the requirements.

Please call 01993 623 010 to find out how your company can benefit from learning more about GDPR or e–mail requesting more information.