Accessibility links

01323 412277 (Eastbourne)

01424 730345 (Bexhill-on-Sea)

01892 784321 (Wadhurst)

Helping you get from where you are now ...
... to where you want to be

  1. News
  2. Latest News for Business
  3. Archive

Get ready for the new data protection rules

The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.

Under the GDPR businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally for those who are currently caught by the Data Protection Act it is likely that you will have to comply with the GDPR.

GDPR will apply to data 'controllers' and 'processors.' Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data which is wider than under the Data Protection Act (DPA).

One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO's advice is that:

'You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don't meet the GDPR standard.'

Where the current consents do not meet the new GDPR then action will be needed.

The fines for non compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner's Office (ICO) has published some very useful information and a 12 step planning guide to help organisations get ready ahead of the May 2018 deadline.

Internet links: GDPR 12 steps.pdf

Latest News for Business Archive

08 Apr 2024

Relief at HMRC's reversal of helpline closures

HMRC's decision to halt its plans to restrict taxpayer helplines and direct people to online services instead has been met with relief by the Federation of Small Businesses (FSB).

08 Apr 2024

Jeremy Hunt cuts NICs again in the Spring Budget

The Chancellor made further changes to National Insurance contributions (NICs) following the cuts made in the Autumn Statement 2023.

08 Apr 2024

Business groups say challenges remain despite encouraging Budget

The UK's business groups warned that challenges remain despite the Chancellor delivering an encouraging Spring Budget.

Home | Contact us | Site map | Accessibility | Disclaimer | Privacy Policy | Help |

Company registered in England & Wales, number 06137832
The ICAEW audit registration number for Honey Barrett (Audit) Ltd is C005419803.
VAT No. 725 2398 29

The firm’s professional indemnity insurers are Accelerant Insurance Europe SA is a company registered in Belgium (Company number 0758.632.842) with registered office at Bastion Tower, Level 20, Place du Champ de Mars 5, 1050 Brussels.
Accelerant Insurance Europe SA is an insurance company authorised by the National Bank of Belgium and regulated by the Financial Services and Markets Authority (FSMA) (Ref. 3193).

powered by totalSOLUTION

© 2024 Honey Barrett Limited. All rights reserved. We use cookies on this website, you can find more information about cookies here.

The Registered office is: Honey Barrett Limited, 53 Gildredge Road, Eastbourne, East Sussex BN21 4SF

Honey Barrett Limited, 53 Gildredge Road, Eastbourne, East Sussex BN21 4SF
Bexhill Office : 48 St Leonards Road, Bexhill-on-Sea, East Sussex TN40 1JB
Wadhurst Office : Pharmacy Chambers, High Street, Wadhurst, East Sussex TN5 6AP

cyber-essentials.png aisma.png Xero Xero MTD Ready Sage Quickbooks Online