GDPR
On 25 May 2018, data protection law changed significantly with the introduction of the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.
Key changes under these laws affect almost all businesses. The rights of EU citizens to control their personal details have been enhanced and new unified obligations have been placed on those dealing with personal data. However, even though the deadline has passed, this is not the end of the compliance journey and organisations must continuously act to ensure they fully comply with the rules.
Previous data protection legislation (the Data Protection Act 1998 in the UK) was based on the Data Protection Directive of 1995 (the 1995 Directive) which set out key legal principles for dealing with personal data. For the past 15 to 20 years, these principles have been adopted in national legislation throughout the EU Member States in different ways, resulting in a disjointed approach to data protection in Europe. The GDPR replaced the 1995 Directive and is directly applicable in every EU Member State. This means there is now a single set of rules to avoid contradictory approaches across the EU.
Data Breach Response Helpline
Data breach reporting is now mandatory in many cases. If you believe your business may have suffered a personal data breach and/or something goes wrong, MacRoberts' Data Breach Response Team is on hand to guide you through the response process. For fast and effective assistance, please call our helpline on 0300 303 1019.
-
-
GDPR Data adequacy decision for the UK – a mere formality or tentative steps? On 19 February 2021, the European Commission published its draft data adequacy decisions in favour of the United Kingdom in relation to both the GDPR and the Law Enforcement Directive.
-
COVID-19 Mandatory vaccinations in the workplace? Key considerations for employers While nationwide rollout of the COVID-19 vaccine is undoubtedly a cause for celebration and tentative optimism, it also poses new challenges for employers in ensuring a safe workplace for workers and those who visit their premises.
-
GDPR EU/EEA-UK personal data flows after 1 January 2021 The UK-EU Trade and Cooperation Agreement announced on 24 December 2020 extends the free flow of personal data between the EU/EEA and the UK for up to six months.
-
GDPR The importance of obtaining consent before depositing cookies: Amazon and Google fined The French data protection authority has imposed substantial fines on Amazon and Google for alleged violations of cookie notice and consent requirements.
-
GDPR ICO publishes new data sharing code of practice The ICO recently published a new data sharing code of practice, which it will consider when assessing whether an organisation has complied with the law when sharing personal data.
-