11 April 2017
Why you need to think about how your business manages its data
The words ‘data protection’ might make you tune out but with a huge change to data protection laws taking place next year, it’s become more important than ever to ensure your company is compliant.
The General Data Protection Regulation (GDPR) will replace the current laws and will apply from 25th May 2018. Britain’s decision to leave the European Union last year will not have an impact on these changes, and UK companies will have to comply regardless. Compliance will be even more important to businesses who continue to trade with EU member countries.
Here’s what you need to know:
One of the most significant changes is to do with the issue of consent – the subject must explicitly give their consent for their data to be processed and the employee in charge of the data (the data controller) must be able to demonstrate consent was given.
Even if you utilise cloud-based systems or third party companies to manage your data it is important to understand who owns the data and who is responsible for it in the event of a breach in order to comply with the more stringent notification time frames. There are many other changes, which you can read about here.
The fines for infringement have also increased. Companies who breach the GDPR will face fines of €20 million, or 4% of annual global turnover, whichever is higher.
It’s easy to see why having stringent data protection processes in place is more important than ever. We’d recommend reviewing your policies and processes now, in order to make sure you’re prepared well ahead of time.
To help you, we’ve put together this short questionnaire on how GDPR will affect you. Click here to take the questionnaire.