Get Ready for the EU GDPR with GDPRPLAN.COM
The EU GDPR (General Data Protection Regulation) comes into force on May 25th 2018, and replaces the 1998 Data Protection Act. The UK Government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR.
What you need to Know
- The EU GDPR becomes enforceable as of May 25th 2018
- The EU GDPR replaces the 1998 Data Protection Act (DPA) and Directive 95/46/EC
- The EU GDPR is designed to protect various types of personal data going in and out of the EU about ALL EU Citizens
- The EU GDPR APPLIES TO ALL EU MEMBER STATES INCLUDING THE UK – REGARDLESS OF BREXIT!
- THIS REGULATION AFFECTS THE WHOLE BUSINESS – IT’S NOT A PROBLEM THAT YOU HAND OVER TO I.T. TO DEAL WITH!
By May 25th 2018, companies who store, process or transfer personal data of EU Citizens must*:
- Implement appropriate technical and organisational measures that ensure and demonstrate that compliance. This may include internal data protection policies such as staff training, internal audits of processing activities, and reviews of internal HR policies.
- Maintain relevant documentation on processing activities.
- Where appropriate, appoint a data protection officer.
- Implement measures that meet the principles of data protection by design and data protection by default.
- Use Data Protection Impact Assessments where applicable.
With quoted fines of upto €20m or 4% of global annual turnover (whichever is the greater), “doing nothing” is not an option!
Even if you don’t receive a fine, the reputational damage to your business as a result of the negative publicity (which can then potentially lead to the loss of customers, revenues, falling share-price, shareholder unrest, class action lawsuits) can be avoided if you act now.