Ensuring data protection compliance and information governance is crucial for every organisation. Organisations hold and transfer large volumes of information electronically every day. Failure to understand and comply with the legislative framework for data protection could have serious financial and reputational consequences.
A new regime - the General Data Protection Regulation (GDPR) – is coming into force on 25th May 2018. The GDPR brings with it a series of important changes in the UK’s data protection laws and will have a significant impact on how organisations manage personal data.
Key changes under the GDPR include:
- Strengthened and new rights for individuals
- Changes to consent
- Mandatory breach notification (72 hours)
- Responsibility of data processors
- Data Protection Impact Assessments
- Data Protection Officers
- Penalties – €20 million/ 4% annual turnover
How can we help?
Our specialist Data Protection Team has genuine expertise and in-depth knowledge of this complex and sensitive area.
The team can advise and provide training on all aspects of the Data Protection Act 1998, as well as preparation for implementation of and compliance with GDPR, including:
- Data Protection Audits, Policies and Procedures
- Data Protection and Freedom of Information;
- Data Protection in the public sector
- Individuals’ Rights (including right of access)
- Data Protection in the workplace / HR context
- Data Breach Management
- Data Security
- Data Sharing and Data Transfers