
Do you know what GDPR is?
Post Author: Angie Harvey
Date Posted: August 22, 2017
The General Data Protection Regulation (GDPR) is a new European directive that comes into effect from 25 May 2018 and supersedes the Data Protection Act. This new act affects all businesses, and the financial penalties for non-compliance are material:
• 4% of annual turnover or 20 million euros, whichever is greater.
The main message from the regulation is that all businesses will be required to keep personal data secure.
The definition of ‘personal data’ has been updated to include any data that can be used to directly identify an individual. The GDPR places stricter responsibilities on Data Processors as well as Data Controllers, whereas under the Data Protection Act responsibility lay solely with the Data Controller.
The Information Commissioner's Office has set out 12 steps to take now in preparation for GDPR; these can be found here: 12 steps to take in preparation.
As business owners, there is planning required before the introduction date:
• Set clear procedures and controls
• Train your staff – All staff must be made aware of the changes and of the procedures and controls. This will include reporting a breach if there is one.
• Consider the use of encryption or portals if you communicate ‘personal data’ from your systems
At Johnston Smillie, we are developing our own plan and this will include all of the above. We will advise our clients how this affects them in due course. If you wish to speak to someone in the meantime, please do not hesitate to contact us.




