The GDPR becomes enforceable on 25th May 2018. It is already part of UK legislation and will happen. It is a good idea to be ready for what’s coming. In this blog we look at three key things to prepare for.
Data Protection Act (1988)
Until 25th May 2018, it is a criminal offence to not be registered with the Information Commissioner’s Office (ICO) for Data Protection, if you hold customer, supplier or employee personal details (there are a few non-profit etc exceptions. But…not many). Not doing so means personal data is being used illegally. You can register on the ICO website for £35 (companies with less than 250 employees and/or £25.9m or less of turnover). Above this, it is £500. If you prefer, we can do it for you
GDPR Launch (25th May 2018)
This is the date the regulation becomes enforceable in the UK. With fines up to 4% of global turnover or 20m euro, and consumers having the right to sue for distress amongst other things, organisations will take longer to be ready than they probably expect (e.g. An individual may receive thousands of ‘consent’ requests from companies on 25th May next year). Asking now avoids the rush.
Post GDRP Launch
Organisations will need to prove they are compliant. This is an ongoing requirement, which will mean ongoing change. (e.g. Training and induction of new employees, regular supplier compliance checks etc.)
Get in touch if you are feeling nervous. There are positive business benefits to be ready on time and we can help