Heads up - are you getting GDPR ready?

Posted by Jennifer at 18:56 on 12 Dec 2017


Data Protection Law is changing on 25 May 2018 when the General Data Protection Regulation (“GDPR”) comes into force (the UK’s departure from the EU will not affect this change in legislation). You may need to amend your procedures to take into account GDPR’s new provisions.

You can assume that if you hold information that falls within the scope of the DPA, it will also fall within the scope of the GDPR. However, the GDPR’s definition is more detailed e.g. an IP address can be personal data, and pseudonymised data is also considered personal data. GDPR applies to both automated personal data and to manual filing systems where personal data are accessible.

The Information Commissioner’s Office (ICO) has launched a dedicated helpline for SME’s (0303 123 1113) for advice on preparing for GDPR. They have also has advised that by the end of the year they will publish an expanded comprehensive guide to GDPR, along the same lines as the current Guide to Data Protection.

The ICO has also provided a handy 12 step plan to get you thinking on the right lines.

The incentive to get it right

Apart from the reputational damage you could suffer you could also be hit with a hefty fine for a serious data protection breach. Under GDPR the fine could be up to the greater of €20m or 4% of your global revenue.

Please contact RM2 (020 8949 5522 / enquiries@rm2.co.uk) or consult our free fact sheet downloads for more information.