GDPR - It's time to evolve
Matt Bruce owner of Data Protection Specialists Bruce & Butler in Sheffield discusses the upcoming changes in legislation…
"General Data Protection Regulation (GDPR) provides individuals with enhanced rights and gives them back control over their personal data. It ensures transparency and accountability around the use of their data and it requires appropriate security and controls to protect their data. The regulation becomes enforceable from 25th May 2018 and Tier 1 fines for non-compliance can reach the greater of 4% of the prior year’s global turnover or 20m Euros.
The detail of GDPR presents a real practical challenge to organisations and they will have to evolve. Organisation wide reviews and development of policies and procedures must take place to ensure the principles are met and the data subject rights upheld. Decisions will need to be made and processing activities documented on a number of fronts including, but not limited to: the appointment of a mandatory Data Protection Officer; Data Protection by Design approach and effective personal data breach reporting to the regulator within 72hrs."
Matt Bruce of Bruce & Butler