Data protection law changed significantly on 25 May 2018 with the introduction of the EU General Data Protection Regulation (GDPR) and UK Data Protection Act 2018.

Key changes under the GDPR affect almost all businesses. The rights of EU citizens to control their personal details have been enhanced and new unified obligations have been placed on those dealing with personal data. However, this is not the end of the compliance journey for organisations, and they must act now to ensure they fully comply with the new rules.

Previous data protection legislation (the Data Protection Act 1998 in the UK) was based on the Data Protection Directive of 1995 (the 1995 Directive) which set out key legal principles for dealing with personal data. For the past 15 to 20 years these principles have been adopted in national legislation throughout the EU Member States in different ways resulting in a disjointed approach to data protection in Europe. The GDPR replaced the 1995 Directive and is directly applicable in every EU Member State. This means there is now a single set of rules to avoid contradictory approaches across the EU.

Data Breach Response Team

Data breach reporting is now mandatory in many cases. If you believe your business may have suffered a personal data breach and/or something goes wrong, MacRoberts' Data Breach Response Team is on hand to guide you through the response process. For fast and effective assistance, please call our helpline on 0300 303 1019.

    • GDPR GDPR: What do employers and HR teams need to know? (Part 1) The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA) came into force on 25 May 2018 and represents the biggest change to EU data protection laws in over three decades. Since the coming into force of the GDPR and DPA, there has been a sharp increase in complaints to regulators.
    • GDPR Data Protection & Cyber Security Newsletter - February 2019 This newsletter looks at the topical issues in data protection and cyber security and notable developments, both in the UK and further afield.
    • GDPR B(rexit) Day is approaching – what will happen to international data transfers? Notwithstanding the current political turmoil surrounding Brexit (deal or no deal?) the UK are still scheduled to exit the European Union (EU) on 29 March 2019 (only 6 weeks away!) and as the politicians grapple with the complexities of hard/soft Brexit options with the clock ticking down to B(rexit) Day, we are looking at how data will be transferred outside of the UK (and EU) post-Brexit.
    • Technology, Media & Telecoms GDPR compliance now more important than ever for financial services firms The Financial Conduct Authority (the FCA), the UK’s regulator of financial firms and the Information Commissioner’s Office (the ICO), the UK’s data protection watchdog, have signed an updated Memorandum of Understanding (MoU).
    • GDPR New guidelines on the territorial scope of the GDPR The GDPR has created new obligations for non-European businesses in certain circumstances. Since the Regulations were first published there has been uncertainty in relation to the full extent of the territorial scope of the GDPR itself.

Data Breach Response Helpline

If you have a notifiable personal data breach, you only have 72 hours from becoming aware of the breach to inform the ICO.

We can assist you in understanding whether or not you have actually had a breach, or if it is instead a non-compliance issue.

For fast and effective assistance, please call our Data Breach Response Team helpline on 0300 303 1019.

Latest updates from @MacRoberts