Are you ready for the General Data Protection Regulation? If not, it could cost you up to €20m.
The Regulation is a new data protection regime that comes into effect next May. You must operate a centralised data protection collection and processing system. A breach of the Regulation can lead to a significant fine, with the maximum being €20m (around forty times the current maximum of £500,000) or 4% of global turnover, if more. The Information Commissioner’s Office, who will enforce the Regulation, have made it clear they are likely to take a zero tolerance approach, and will “name and shame” those who get it wrong.
You will be expected to demonstrate on demand:
- appropriate security measures for the protection of personal data;
- compliance with the Regulation’s expanded definition of “consent” when collecting personal data;
- centralised policies and procedures for obtaining, processing and securely destroying personal data;
- an annual data protection impact assessment;
- full preparation forsubject access requests, or ICO investigations
THERE IS NO EXCUSE FOR NON-COMPLIANCE AFTER MAY 2018.
The Regulation is compulsory.
We are already working with clients, businesses and regulatory bodies to ensure they are ready for these critical changes.
Please call us now, and we can help you kick start the process of complying with the Regulation by providing a road map to help you navigate to compliance by May 2018.
[info]
For More Information Contact:
Graham Millar
Mobile: 07841920102
Direct Dial: 0141 530 2023
Email:gmillar@gilsongray.co.uk
[/info]
[info]
For More Information Contact:
John Kielski
Direct Dial: 0141 530 2038
Email:jkielski@gilsongray.co.uk
[/info]
The information and opinions contained in this blog are for information only. They are not intended to constitute advice and should not be relied upon or considered as a replacement for advice. Before acting on any of the information contained in this blog, please seek specific advice from Gilson Gray.