The GDPR Directive enters into force on 5 May 2016 and EU Member States have to transpose it into their national law by 6 May 2018. What does this mean for the UK? In brief...the existing Data Protection Act (DPA) will be replaced by the EU’s General Data Protection Regulation (GDPR), a framework with greater scope and much tougher punishments for those who fail to comply with new rules around the storage and handling of personal data.
'Ah...but aren't we leaving the EU?' You may ask...Okay the UK is in the process of uncoupling from the EU, however the Great Repeal Act means it is very likely to be converted into British law beyond the leave date, so this does not look like an easy get out and because of the ease with which many SMEs collect data and cyber criminals seize that data, the DPA, drawn up in very different times, means the current legislation has been long overdue for an overhaul. One of the biggest changes and challenges SMEs will face will be concerns over consent. Under the new regulations, companies must keep a thorough record of how and when an individual gives consent to store and ultimately use their personal data. This is one of many new conditions, by all accounts this is going to be very demanding legislation and potentially very costly if a fine is imposed for a data breach or misuse. Of course there is far more to this subject than can be placed here. BT have produced a handy guide which you may want to download called 'Dealing with new EU data-protection regulation'. https://business.bt.com/content/dam/bt/business/PDFs/solutions/GDPR_white%20paper_v4.pdf
2 Comments
Adrian
8/3/2018 12:57:00 pm
As you allude to, this new regulation will favour the big players, the on-line travel agencies, especially as micro businesses shy away from keeping their own customer records in favour of letting the OTAs keep them, however this leaves us vulnerable and with less direct contact to 'our' customers.
Reply
Leave a Reply. |