New rights. New responsibilities. New obligations.
In May 2018 a new law will come into force which fundamentally affects the way that you use data to market, provide services and run your business.
Amongst many things, the new laws will require you to:
- Notify the Information Commissioner’s office and the person concerned in the event of a data breach within 72 hours.
- Review and/or revise your justification(s) for collecting and using data; and make it as easy to withdraw consent as it is to give it.
- Modify your consent processes to ensure compliance with the law, to include your I.T. and cookie policies.
- Engage ‘fair processing’ notices throughout in order to warn people how their data will be gathered and used.
- Conduct a root and branch audit of your data processing and conduct Private Impact Assessments where appropriate.
- Implement ‘privacy by design and default’ in relation to the way you collect and use data.
- Action and facilitate the ‘right to be forgotten’.
- Service subject access requests much quicker.
- Train your staff properly on all the key stages.
This will require considerable advanced preparation.
The price of non-compliance could be up to 2-4% of global turnover in fines depending on how severe the data breach is and what efforts you made to comply with the law in the first place.
How we can help your business
- Properly document your top-down compliance directives.
- Produce GAP analyses, implement legally compliant risk assessments and initiate roll-out programmes designed to: minimise the risk of regulatory breach; help organise the implementation of ‘privacy by design’; educate and train employees and participants in order to achieve a culture of compliance.
- Draft appropriate codes of conduct, amend contracts of employment and employee handbooks and update induction processes.
- Ensure compliance with requests made pursuant to statutory processes.
- Amend client/supplier Terms & Conditions to shield the Company against liability for a data breach.
- Produce a bespoke data-breach response pack to facilitate the ability to notify third parties within the required 72 hour window.
And all for a fixed fee package.
Find out more and get a free 60 minute workshop
Our GDPR experts will deliver an hour-long workshop at your workplace, allowing your business to understand the issues and what you have to do next. If you would like to take advantage of our limited time Free Workshop offer, enter your details on the right and a solicitor from our Data Protection Compliance team will respond shortly.
You can also receive a copy of our free PDF Briefing on the new GDPR for Directors and Managers.
*Workshops only available for offices located in the Greater London area.