GDPR is Coming... are you ready?

10th April 2017

The introduction of the General Data Protection Regulation (GDPR) will impact most businesses from 25th May 2018.

The objective of the regulation is to bring digital accountability to organisations across Europe.

When introduced, businesses will have 12 months to become compliant. After this period, substantial fines will be introduced as penalties for organisations who fail to meet the obligations of this legislation.

Despite Brexit, this legislation will affect UK businesses, as the UK will still be part of the EU at the time the legislation comes into force. Once the UK leaves the EU, compliance will still be necessary to trade with companies within EU member states.


Increased penalties under the GDPR

When the EU General Data Protection Regulation (GDPR) is enforced from 25 May 2018, breached organisations will find the fines they face increasing dramatically.



Penalties for a data breach will reach an upper limit of €20 million or 4% of annual global turnover – whichever is higher.



Penalties for a breach of policy will reach an upper limit of €10 million or 2% of annual global turnover – whichever is higher.


For many businesses, the threat of insolvency or even closure as a result of GDPR penalties will soon be very real.


Some key themes:

Data Responsibility

Overall, the scope of GDPR is greater than the Data Protection Act, and it is easier to define the point when a breach occurs. More responsibility is placed on the data controller and processor of data, and full control is firmly with the owner of the data.


Protecting Personal Information

The scope of GDPR is set to ensure that all your personal information is processed lawfully, fairly and in a transparent manner in relation to individuals; it will only be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.


Data on Loan

To understand the principles behind GDPR, you need to consider that any data that you hold has been loaned to you by the owner, and they are in control of who has it and what they do with it. Consent must be freely given for the use of any personal data, and what the data will be used for must be made clear.

- You need clear, explicit consent
- People have to OPT IN, rather than consent being assumed unless they opt out

Would you like a coffee?

Let us arrange for a GDPR practitioner to visit you, discuss the GDPR requirements with you and advise on the most appropriate resolution to bring you to a level of compliance.