General Data Protection Regulation (“GDPR”)
The looming General Data Protection Regulation (“GDPR”) will come into force on 25th May 2018 and all UK organisations must ensure that they are compliant before this date.
The GDPR will partially replace, whilst complementing and updating, the current data protection regime when it comes into force. The reform is intended to respond to new technological challenges and to put in place a harmonised framework for the protection of personal data.
The core data protection principles remain unchanged. However, the new regime is designed to empower ‘data subjects’ (e.g. employees and consumers) to protect their privacy.
Virtually all businesses will be a ‘data controller’ and a ‘data processor’ as well meaning that GDPR places new specific legal obligations on your business; for example, you are required to maintain records of personal data and processing activities. You’ll have significantly higher liability if you are proven responsible for a breach. Even if you outsource data processing, as a data controller, you are not relieved of your obligations where an external processor is involved – the GDPR places further obligations on you to ensure your contracts with processors comply.
And with fines for potential breaches as high as 4% of your annual turnover (up to 20m euros), you should take action today, learn about GDPR, perform an audit and consider contractual, policy and storage changes to ensure compliance.
Our specialist teams will assist you get up to speed with the imminent changes from a commercial and employment law point of view.
We offer a comprehensive GDPR package that comprises:
- A comprehensive data audit/review of your documents and Terms & Conditions;
- Updating the company’s data protection policy to ensure that it is compliant with the new regulations;
- Introducing a compliant privacy notice;
- Bespoke training at your site;
- Advice in relation to the transfer of data internationally;
- HR services including contracts of employment, employee handbooks and policy updates all supported by an online HR portal to ensure that you store and access all documents in a compliant way together with advice and support throughout
If you would like to discuss any aspect of the GDPR or your specific commercial and employment law requirements further, please do not hesitate to contact our experts whose details are provided below. For more information on the GDPR from the Information Commissioner’s Office Click Here (ico.org.uk)
Partner & Head of Employment Law
Partner & Head of Corporate and Commercial