GDPR: the time to act is now!
The General Data Protection Regulation (GDPR) comes into force on the 25th May 2018 and represents a hugely significant, once-in-a-generation change in the rules on data protection that everyone needs to know about and prepare for.
The GDPR applies to more organisations than ever before, sets out more onerous requirements for you to comply with and is backed with a more aggressive enforcement regime. If you do not comply with the changes then the consequences could be severe with significantly increased fines and a much greater likelihood of paying compensation in some cases.
At the minute the maximum fine is £500,000, but under the GDPR there are two tiers of fines. The first tier has a maximum of 10 million euros or 2% of global turnover, whichever is the higher, while the second tier has a maximum of 20 million euros or 4% of global turnover, whichever is the higher. The ICO will apply risk assessment criteria when deciding how much to fine you, but it is clear that significantly larger fines are on the way under GDPR.
Compensation can be awarded both for financial loss and also for anxiety and distress caused by a breach of the GDPR. Awards can be for several thousand pounds. Under the GDPR they are likely to be more common, not least because many security breaches will have to be reported to the individuals affected, who would then be entitled to claim compensation.
The time to act is now! The GDPR requirements can be complied with as long as there is a genuine desire in your organisation to take this seriously. Given the size of potential fines and compensation that should be a given.
To learn more, join us for a free-to-attend webinar on Wednesday 21st February presented by Keith Markham.
Keith has been advising and lecturing in this area for the last ten years and also recently authored a book entitled ‘A Practical Guide to the General Data Protection Regulation’. Drawing on Keith’s experiences of assisting organisations with GDPR compliance this webinar sets out the simple practical steps that you need to take to ensure compliance and manage risk in a commercially sensible way.
Topics will include:
- Principles and Accountability – how do I demonstrate compliance with the GDPR?
- Consent – what are the changes and what alternatives are available?
- Data Subjects’ Rights – what do I need to do about the right to erasure?
- Data Security – what new requirements do I need to comply with and how do I do this?
- Data Protection Officers – do I need to appoint one?
- Enforcement Regime – how will fines and compensation work under the GDPR?
Please register here.
For a more comprehensive overview of GDPR and all Data Protection issues, click here to see upcoming courses with BPP. Courses are taking place across the country and also online via our Online Classroom Live portal.
Or for more information, please get in touch via: email@example.com