Data Protection Changes: Why You Need to Start Planning Now

You may already have read about General Data Protection Regulations (GDPR), a major change which will replace the Data Protection Act on 25th May 2018. Are you aware of how the rules will affect your business?

Significant changes include:

  • An increase in the responsibility of people and businesses which use and store peoples’ data, including contact information.
  • Large fines for non-compliance of 2-4% of their global turnover or between €10 – 20M, whichever is greater.

To make sure you are ready for the changes by May 2018, here are 5 key questions to ask now:

  1. Where do we store personal data including contact details, and is it secure?
  2. Who has control of personal data and where is it stored?
  3. How do we gain consent from our contacts to get in touch with them at the moment?
  4. What are the current IT systems and processes relating to the data we store and use?
  5. Is the data we hold shared with contacts outside of the business (who?), and is data transferred across borders or outside the European Economic Area (EEA)?

Further Guidance

The ICO has a produced a wealth of information and practical guidance: https://ico.org.uk/for-organisations/data-protection-reform/guidance-what-to-expect-and-when/

Or if you want to find out about your legal requirements please get in touch with our team: enquiries@law.uk.com