General Data Protection Regulation [GDPR]
Data protection compliance, the need for specialist advice has never been more important
The General Data Protection Regulation (GDPR) is the most important and robust piece of Data Protection legislation ever enacted in the UK. The aim of the GDPR is to make the handling and protection of personal data central to the way all businesses and organisations in the UK operate going forward. Potentially draconian fines for non-compliance (up to 4% of worldwide annual turnover) mean that all businesses have to take GDPR compliance very seriously.
The GDPR comes into effect in May 2018, but the steps to take in order to achieve compliance can be very time consuming. Businesses therefore need to act now in order to get their house in order to stand any chance of achieving compliance by May 2018.
Identifying the relevant lawful basis for processing personal data, obtaining appropriate consents, documenting compliance, and having procedures in place to deal with data subject access requests, are just four of the many issues that businesses will have to consider and address in the months leading up to May 2018.
James Sarjantson has dealt with Data Protection matters on behalf of clients for many years and is able to provide practical and commercial solutions to issues raised by the GDPR, and to advise on the steps that businesses can take themselves to move towards compliance.
General Data Protection Regulation, GDPR, data subjects’ rights, Data protection officers (DPO), Privacy by design, data protection and regulatory compliance.