Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR), which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals that they store. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data, the scope of which is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe, at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf



 