Menu

News

New Year, new data protection law

2nd January 2018

Individuals’ rights enhanced: data users’ obligations increased… Are you ready?

A new EU Regulation on General Data Protection Regulation (GDPR) comes into force in May 2018, which imposes tough new duties on those collecting and processing people’s personal information. The new law builds on the existing data protection legislation, giving greater and new rights for individuals to safeguard their personal information.

With eye-watering fines (up to 4 per cent of turnover) for organisations that do not comply with the new law, as well as possible reputational damage or legal action, it is time to look at the way you collect, process and store people’s personal information and to review and upgrade your policies and procedures.

  • Do you know where you store all the personal information of your customers, suppliers or employees, in both paper copy and electronic data?
  • Could you retrieve it all and provide copies within 30 days if requested by an individual?
  • Could you erase it or arrange to transfer it if requested by that individual?
  • Could you demonstrate to the regulator (Information Commissioner) how you are compliant with the GDPR? Are you ready to deal with a data loss incident or cyber-attack?
  • Do your suppliers know about the GDPR and do your contracts with them allocate risk and responsibility for data protection issues?

Make it a New Year’s resolution to get on top of the new law on data protection and be ready by 25 May. At Ansons, we have an experienced data protection lawyer Chris Balderstone who will be happy to assist you assessing the risks to your business and preparing for GDPR.

For a confidential discussion, on GDPR or any other data protection matter email Chris Balderstone on cbalderstone@ansons.law.

The contents of this article are for the purposes of general awareness only.  They do not purport to constitute legal or professional advice.  The law may have changed since this article was published.  Readers should not act on the basis of the information included and should take appropriate professional advice upon their own particular circumstances.