Data privacy laws are changing. In 1 year, a new EU data protection rule will come into force in the UK to give citizens more control over their personal information. This will be known as the ‘GDPR’.
What is GDPR?
GDPR stands for ‘General Data Protection Regulation’ and comes into effect on 25th May 2018. The countdown for organisations to get their data protection policies in place is well underway.
Why is there a new regulation?
In an increasingly growing digital economy, it is more important than ever to have clear laws with safeguards in place to protect personal data.
The GDPR will:
- Increase privacy for individuals
- Give regulatory authorities greater powers to take action against business that breach the law
What about Brexit?
The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR. The legislation will be UK law. Any business in the UK which handles data of EU citizens will be affected regardless.
Who does GDPR apply to?
Organisations that hold or use personal data are responsible for keeping it secure. If you are currently subject to the Data Protection Act, it is likely that you will also be subject to the GDPR. The GDPR applies to both data ‘Controllers’ and ‘Processors’.
Will it replace the Data Protection Act?
Yes, when the GDPR comes into force, it will entirely replace the current Data Protection Act 1998 and radically overhaul many of the existing data protection rules.
Are there any penalties?
Yes! If businesses do not comply with the new GDPR, they can be fined up to 4% of their annual turnover or 20million Euros (whichever is higher). Fines of this scale could very easily lead to business insolvency and, in some cases, closure.
Let us help you…
ICT Reverse can help your business adequately prepare for the EU GDPR. Our specialist and experienced data privacy team are available to assist you and provide you with the necessary certificates to demonstrate that your company complies with the regulation.
Get in touch!