What is the GDPR? The General Data Protection Regulation (GDPR) comes into force on May 25, 2018, and is intended to harmonise European data protection laws, which makes it easier for EU citizens to understand how their data is being processed and raise any complaints.
Partner Debbie Brett, in Reading-based Blandy & Blandy LLP’s commercial & regulatory team, outlines GDPR and its implications. She writes:
The new regulations provide many businesses with a great opportunity to re-evaluate how they approach data protection and implement substantial technical changes to avoid potential substantial penalties.
Why is the GDPR needed?
Storing data is no longer as simple as it once was. We no longer store all data in one structured database and given the complex way that many individuals and companies store data now (emails, photos, social media, cloud storage, etc.), legislation has need to be updated to manage how this data is processed.
Given that information now becomes available across the world instantaneously and no longer respect national boundaries, it has become necessary to develop EU wide legislation.
Who will the GDPR apply to?
The GDPR will apply to any business, whether established inside or outside the EU, which offers goods and services to EU citizens or monitors their behaviour. With Brexit looming over the United Kingdom, please be aware that the GDPR will still apply post Brexit.
Data Protection Act 1998 (DPA) vs GDPR
Similarities:
The GDPR retains the core rules and principles of the DPA regarding the processing of personal data including the following existing rights:
Differences:
Steps to take now
In order to prepare for the GDPR, businesses should consider taking the following steps:
For those currently compliant with the DPA who have proactive data protection policies, the updates needed are very achievable, and in any event, we recommend that businesses start undertaking the steps above as soon as possible.
Blandy & Blandy can help in reviewing businesses’ current levels of compliance, assessing any vulnerabilities and drawing up an action plan to meet the GDPR. In particular, the firm regularly assists in drafting and updating key documents and policies as well as providing training to staff to help clients to continue to meet their data protection obligations.
For further information or legal advice, contact debbie.brett@blandy.co.uk or visit www.blandy.co.uk
Bath-based Future plc, the publisher of specialist online and print magazines, said trading in its…
The university of Bristol was one of six organisations to receive a contract from the…
Oxford BioDynamics Plc is teaming up with researchers at King's College London in a bid…
More than a quarter of a million extra construction workers are needed in the UK…
Kent-based housebuilder Vistry revealed it was on track to deliver more than 10% growth in…
A Dorset-based company, which has developed ground-breaking technology to recycle plastic waste and turn it…