We care passionately about every customer we help
Partner and Head of Family Law, Rugby
Having spent over four years in preparation, the official text for the General Data Protection Regulation (GDPR) has now been formally approved; it’s been translated into the EU’s official languages and published in the Official Journal of the EU. This marks both the end of the legislative process and the start of the two year countdown until the new regulation comes into force in May 2018. And of course, compliance is mandatory.
So now to the real question…are you ready for it?
The new law is complex and strict, offering increased rights to individuals and requiring organisations to up their levels of compliance. All in all it is intended to have global effect, transforming the way in which personal data is collected, stored, shared and processed and ensuring businesses are more accountable for their practices with respect to personal data.
The new regulation will apply across all EU states without further amendment by individual parliaments. And it isn’t just restricted to those organisations based within the EU. Regardless of where the organisation is based, if it monitors individuals’ behaviour or offers goods or services to individuals in the EU, regardless of whether any payment is required, they will be caught by the new regulation.
What you need to know:
This is by no means an exhaustive list, it simply highlights some of the forthcoming changes and the increased obligations that will be placed on organisations.
The Information Commissioner’s Office has not surprisingly also emphasised its importance and issued a 12 step plan to help businesses to prepare.
The message is clear - this is more than simply a compliance exercise. Preparation for the GDPR should begin now in order to be ahead of the game, it will give businesses both the opportunity to embed good privacy practices as well as minimise the risk of potentially huge financial penalties. If you wish to know more then please contact me for further information.