Prepare for EU GDPR Compliance with GDPRPLAN.COM
The EU GDPR (General Data Protection Regulation) is here, and replaces the 1998 Data Protection Act, as well as every other local data protection law across Europe.
The UK Government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
What You Need to Know
The EU GDPR:
- Became enforceable as of May 25th 2018
- Replaced the 1998 Data Protection Act (DPA) and Directive 95/46/EC
- Is designed to protect various types of personal data going in and out of the EU about ALL EU Citizens
- APPLIES TO ALL EU MEMBER STATES INCLUDING THE UK – REGARDLESS OF BREXIT!
- AFFECTS YOUR ENTIRE ORGANISATION – IT’S NOT A PROBLEM THAT YOU HAND OVER TO I.T. TO DEAL WITH!
Companies who either Collect, Process or Transfer personal data of EU Citizens must*:
- Implement appropriate technical and organisational measures that ensure and demonstrate that compliance. This may include internal data protection policies such as staff training, internal audits of processing activities, and reviews of internal HR policies.
- Maintain relevant documentation on processing activities.
- Where appropriate, appoint a data protection officer.
- Implement measures that meet the principles of data protection by design and data protection by default.
- Use Data Protection Impact Assessments where appropriate.
With quoted fines of upto €20m or 4% of global annual turnover (whichever is the greater), “doing nothing” is not an option!
Even if you don’t receive a fine, the reputational damage to your business as a result of the negative publicity (which can then potentially lead to the loss of customers, revenues, falling share-price, shareholder unrest, class action lawsuits) can be avoided if you act now.