Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Under the GDPR businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally for those who are currently caught by the Data Protection Act it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data which is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where the current consents do not meet the new GDPR then action will be needed.

The fines for non compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12 step planning guide to help organisations get ready ahead of the May 2018 deadline.

 

 

For further information and advice get in contact with our team at Decisive:IT who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

 

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 
Other items in Blogs
 
Lucy Bayliss
8th January 2020 It’s the final countdown!

There are only 23 days until the self-assessment tax return deadline of 31 January 2020. If your return is not filed electronically by this date, an automatic £100 penalty will be applied. Please note that the deadline for filing a paper tax return was 31 October 2019 and therefore all returns are required to be…

Read More »

Vanessa Pearson
13th December 2019 April 2020 Proposed IR35 changes: Status appeals process

As the planned changes to who determines IR35 status are fast approaching, contractors would be well advised to review their contracts on HMRC’s updated CEST (Check Employment Status for Tax) tool. Having provided answers to questions regarding substitution, control and nature of the work, the updated tool will give HMRC’s view of the workers employment…

Read More »

Ben Kilby
12th December 2019 VAT Surcharge

Have you or your business received one between 23 April 2018 and 31 January 2019?   If so, you may want to check if it has been dated. If it has not been dated you may be in for a refund. Any surcharge liability notice or surcharge liability notice extensions are invalid if they have…

Read More »

Lucy Bayliss
25th November 2019 Don’t let your tax bill affect your festive joy. Instead, spread your tax payments throughout the year!

With the festive period fast approaching, it is easy to lose sight of your self-assessment tax return!   If you are employed or receiving a pension and you file your return before 30 December 2019, you can elect to have your tax collected through ‘Pay As You Earn’ (PAYE) rather than paying one lump sum…

Read More »

Ian Piper
22nd November 2019 2019 Growth: Missing in action?

(Data Source) As another year draws to a close, local SME businesses will be forgiven for looking forward to drawing a line under it. With 2019 sales growth barely nudging 1%, it has been a year of focusing on not slipping backwards, rather than the usual mantra of continually signing up new accounts.  When commentators…

Read More »

Mark Burrows
21st November 2019 Avoiding Self Assessment Tax Scams

HM Revenue & Customs have reminded Self Assessment taxpayers to watch out for fraudsters as the tax return filing deadline of 31 January approaches.   HMRC say they have received nearly 900,000 reports of suspicious phone calls, texts or e-mails from scammers pretending to be the tax authority.  Most of these messages were about fake…

Read More »