The General Data Protection Regulation (GDPR) is a new EU Regulation coming into force on 25 May 2018. It introduces a new harmonised data protection compliance regime and strengthens the rights of all individuals within the EU by holding businesses accountable through tougher penalties and fines.
What changes can businesses expect to see?
The new regime brings into law a number of changes with the most significant being:
- Increased rights for data subjects to request access to their personal data;
- Higher standards of consent;
- Increased responsibilities for controllers and processors;
- Shorter time limits for reporting breaches.
The authorities will have the power to impose significant fines and other sanctions on businesses who do not comply.
The result means businesses may be required to make a number of changes in order to become compliant. These changes should span organisational, contractual, cultural and IT changes.
How have SAS Daniels prepared for the GDPR?
It must be stressed that each and every business is of course different. What follows is not legal advice, but rather is intended to be illustrative and by way of example only and should not be relied upon.
In relation to our own business, our first action was to put a multi-disciplinary project team in place and then follow the eight step plan we felt was appropriate for SAS Daniels. This plan was:
Our own approach to the GDPR ensured both logic and structure were applied by breaking the process down into manageable elements. By having a multi-disciplinary project team in place with communication and culture at the heart of our plan we could be confident that our approach to data protection was appropriate for our needs.
How can SAS Daniels help your business prepare?
Our Commercial Law team have the in-depth legal knowledge required to help you ensure that your documents are updated to take account of the new regime. Our team have experience in advising a range of businesses of different sizes and sectors.
We can provide specialist advice when updating and reviewing your contracts and policies, whether that’s your external contracts between suppliers and clients or your internal policies with employees.
For more information on GDPR and how we can help your business, please contact our Commercial law team on 0161 475 7676, or get in touch via our contact form.
You can also read more about GDPR in our blog: What is the GDPR?