General Data Protection Regulation (GDPR) – Are you ready?
The GDPR comes into force on 25 May 2018, replacing all national data protection laws across Europe, including the 1998 Data Protection Act.
GDPR will therefore affect every business processing personal data in Europe, whether an EU member, or an organisation that provides goods and services within the continent.
What are the Penalties?
Non compliance under this new legislation will bring significant fines for businesses which can range from €10 million (or 2% of annual global turnover) to €20 million (or 4% of annual global turnover), depending upon the breach.
What Do I Need to Do?
If you and your business are not already preparing now, we strongly recommend you start to assess, plan and implement the likely changes to procedures and systems that will be required.
Farleys’ Commercial team can help you meet your GDPR obligations, including advice on the following:
- Data protection audit
- Providing new and updated policies to comply with GDPR
- Review of existing terms and conditions/retainers with customers, clients and suppliers
- Advice on and preparation of privacy notices
- Advising on changes to be implemented to comply with GDPR
- Advice on how to protect data where work is outsourced
- Advice on how to respond to a subject access request
- Appointment of a data protection officer
- Advising on ICO registration (notification) process
- Implementation of processes on how to handle data protection breaches and self reporting to the ICO
- Advice on how to respond to any enforcement action taken by the ICO against your business including information notices, enforcement notices and civil monetary penalties (fines)
- Bespoke training sessions to your staff on GDPR obligations