The Countdown Is On
We are now on the home straight; the final nine months until the General Data Protection Regulation (GDPR) takes effect on 25 May 2018. GDPR will replace the Data Protection Act 1998 (DPA), which has lived through the creation of WiFi and the iPhone, and so GDPR will provide a much-needed technological update on existing requirements, as well as harmonising data protection laws across Europe.
GDPR covers some existing ground, but there are many new principles and compliance requirements. To be compliant, you will need to review your existing processes and contracts, and potentially put in place new practices in respect of privacy, data protection and security. Depending on your business, that may take some time.
A €20 million fine
The reason that GDPR is being given so much publicity is the penalties that might apply: from a maximum £500,000 fine under the DPA, the GDPR allows for fines of the greater of €20m or 4% of annual worldwide turnover. It is not worth waiting and risking getting this wrong, as the penalties could spell the end for your business. If that was not enough, criminal sanctions are still being considered as forming part of the UK’s enactment of GDPR.
If you have not already taken notice and started to prepare, you should do so now. GDPR will on 25 May 2018, with no transition or grace period, and you will need to comply straight away. In short, you are running out of time!
The 10 Point Checklist
Our GDPR Checklist sets out the headlines of what you should be doing now, to prepare for next May. We can help you along the way, advising you on best-practice for GDPR compliance. We will work with you to audit the data you process, and manage the update of your processes and contracts.
For more information on getting your business GDP-compliant, please contact our Commercial team.