A massive change in the law affecting data protection takes place in May 2018 when the EU General Data Protection Regulation (‘GDPR’) comes into force.
The GDPR will remain effective until the UK eventually leaves the EU. Accordingly, it cannot be ignored, and all those affected by data processing considerations need to be alive to the changes that are coming.
Furthermore, following Brexit, whether located within the EU or not, every business that will offer goods or services to citizens within the EU, or is involved in monitoring behavioural trends, will be subject to GDPR.
What is Data Protection? | Kangs Regulatory Solicitors
The Data Protection Act 1998 is currently the principal legislation governing data protection and defines the law on the processing of data.
There is a basic right to privacy, protected by legislation both national and worldwide. It matters in a society where personal data is disclosed daily in numerous transactions as innocent as, for example, renewing car tax online, and where that information is captured and processed by companies and agencies far removed from the activity that required its disclosure.
Substantial Fines For Breach | Kangs Regulatory Team
Under GDPR, service providers processing personal data on behalf of other businesses become directly liable to individuals for a breach of data security.
This is a complete change from the existing law where service providers cannot be held directly liable and data processors are completely liable for any non-compliance.
The new level of fines for breaches of GDPR is massive and any breach could seriously damage the health of the defaulting company.
Why Should I Prepare My Company For GDPR? | Kangs Advisory Team
- The regulatory changes are substantial
- Educating your company’s personnel will take time
- May 2018 is quickly approaching
- It will take time to implement compliant procedures
- The costs of compliance may be substantial
- The potential cost of non-compliance may be enormous
- Your trading partners may not stay with you if you are not compliant
- You are a director and responsible for any failure.
Directors And Officers Liabilities
GDPR will increase the liabilities for directors and officers for data breaches or personal data misuse, with France and Italy having already taken steps to penalise any failures.
What Immediate Steps For GDPR Should I Take? | Kangs Solicitors
The initial steps have to be:
- seek expert advice for support and guidance,
- examine your current structures,
- identify changes needed to meet the new Regulation, and
- form clearly defined policies and procedures.