The year 2018 (which yes is only 4 months away), is set to bring about fundamental changes within the sphere of data protection. These changes will completely alter the way in which personal data will be processed including, the mechanics in which such data is managed and in addition, the penalties associated with a breach of the incoming laws. The changes will be implemented by way of the EU General Data Protection Regulation.
Some of the changes being implemented by the GDPR include (amongst other changes) the following:
The Government has, in preparation for the change, published a Statement of Intent (SoI) in relation to the UK Data Protection Bill (the “Bill”). The SoI sets out three objectives that will be achieved by the Bill including the following:
The SoI therefore sets out in clear terms, the objectives of the Bill and also provides that the UK will be utilising the flexibility provided by the GDPR in respect of how member states implement the GDPR. The SoI sets out that the UK Government is certainly taking the GDPR seriously and intends to implement it in a structured manner. The Bill itself is due to be published in September 2017 and we will look to provide specific guidance on the basis of the draft.
What remains vital at this stage is that employers, do not underestimate the importance of the GDPR and the need to prepare for its implementation. In the first instance, employers should look to conduct general data protection health checks in order to understand the current procedures that are in place. These procedures will need to be reviewed and potentially amended in preparation for the implementation of the GDPR ad subsequently, the Bill.
Should you have any questions surrounding the GDPR and its impact upon your business, please contact your Higgs Advisor.