Get ready for the new data protection rules

12th September 2017

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR), which takes effect from 25 May 2018.

Under the GDPR, businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally, if you are currently caught by the Data Protection Act, it is likely that you will have to comply with the GDPR.

GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data, which is defined more widely than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:

‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where current consents do not meet the new GDPR standard, action will be needed.

The fines for non-compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12-step planning guide to help organisations get ready ahead of the May 2018 deadline.

For further information and advice, get in contact with our team at Decisive:IT, who can offer practical advice and take you through the steps you need to take to ensure you are compliant with the upcoming GDPR changes.

Other helpful links: ICO getting ready GDPR 12 steps.pdf
