Click to see the menu

Are you ready for new data protection rules?

The EU General Data Protection Regulations come into effect on 25th May 2018 to replace the Data Protection Directive and organisations that are non-compliant can face large fines.

The aim of GDPR is to protect privacy and replaces laws drafted in 1995 when the Internet was not what it is today.

As well as changes to rules on the location of organisation and fines, the conditions for consent have been strengthened and instead of having a data controller you need to have a Data Protection Officer (DPO).

A DPO must report to the highest level of management and have expert knowledge of data protection law. They can be and employee or an external service provider but must have the resources to do the role and maintain their knowledge. Another key point is that the DPO must not be conflicted by having a dual role of governing data protection, whilst also defining how data is managed.

The 12 steps are

1 – Awareness
Ensure the key people in your organisation know GDPR is coming

2 – Information
Document what personal data you hold

3 – Privacy
Review your privacy notices

4 – Rights
Check your procedures to ensure they cover all the rights individuals have

5 – Requests
Update procedures to handle requests

6 – Lawful Processing
Identify the lawful basis for your processing

7 – Consent
Review how you seek, record and manage consent to use data

8 – Children
Consider systems to verify ages and obtain parental consent

9 – Breaches
Ensure you have the right processes to detect, report and investigate data breaches

10 – Assessments
Familiarise yourself now with the Privacy Impact Assessments

11 – Officer
Designate someone to take responsibility for data protection compliance

12 – International
Determine your lead data protection supervisory authority

If you would like to read more we recommend the Information Commissioner’s Office Website.

Image from Flickr by Descrier.

  • We are committed to helping you grow your business

  • We are highly qualified and experienced

  • Specialist in tax planning

  • Fair and reasonable pricing policy