GDPR
On 25 May 2018, data protection law changed significantly with the introduction of the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.
Key changes under these laws affect almost all businesses. The rights of EU citizens to control their personal details have been enhanced and new unified obligations have been placed on those dealing with personal data. However, even though the deadline has passed, this is not the end of the compliance journey and organisations must continuously act to ensure they fully comply with the rules.
Previous data protection legislation (the Data Protection Act 1998 in the UK) was based on the Data Protection Directive of 1995 (the 1995 Directive) which set out key legal principles for dealing with personal data. For the past 15 to 20 years, these principles have been adopted in national legislation throughout the EU Member States in different ways, resulting in a disjointed approach to data protection in Europe. The GDPR replaced the 1995 Directive and is directly applicable in every EU Member State. This means there is now a single set of rules to avoid contradictory approaches across the EU.
Data Breach Response Helpline
Data breach reporting is now mandatory in many cases. If you believe your business may have suffered a personal data breach and/or something goes wrong, MacRoberts' Data Breach Response Team is on hand to guide you through the response process. For fast and effective assistance, please call our helpline on 0300 303 1019.
GDPR: ICO fines Ticketmaster £1.25 million for failing to protect customers
Ticketmaster UK Limited is the latest company to see monetary penalties being imposed upon it by the Information Commissioner's Office, for failing to protect customers' payment details in a cyber attack which potentially affected 9.4 million customers across Europe.
Brexit: Data protection and Brexit: The key considerations
Before the Brexit transition period ends on 31 December 2020, businesses would be well advised to take steps to ensure that they remain data protection compliant in the "post-Brexit" world. With this in mind, David Gourlay sets out some key points for businesses to consider.
GDPR: ICO reduces major Marriott data breach fine by £80 million
Renowned hotel chain Marriott International has been fined £18.4 million by the ICO over a data breach which is estimated to have affected around 339 million customers across the globe.
GDPR: ICO publishes new guidance on subject access requests
The ICO recently published its much anticipated new guidance on subject access requests (SARs), which will be of particular interest to data protection officers and others with specific data protection responsibilities.
GDPR: A soft landing? The ICO issues a much reduced fine for the British Airways data breach
The Information Commissioner’s Office (ICO) announced last week that it has issued its long-awaited fine against British Airways plc (BA) for BA’s data breach following a significant cyber-attack in 2018.