A recent survey issued by PwC has highlighted the record level of fines issued by the Information Commissioner’s Office (ICO) in 2016; however once the General Data Protection Regulation (GDPR) comes into force on 25 May 2018 – with fines of up to €20,000,000 a single fine alone could be over the ICO’s current yearly fines!! If you are already preparing for the GDPR, your organisation has less than a year to do so.
Part 3: Lawful Processing
In the third of our series on the General Data Protection Regulation (GDPR) and its effects on employers and HR departments, we concentrate on lawful processing under the GDPR and how employers will be affected by the new rules.
New rules on data protection are set to come into force in 12 months’ time – but taking action now can help you get prepared.
There are some major regulatory changes coming soon that will affect the construction industry – and there are some practical measures your organisation may need to implement over the next year.
Part 2: Employee rights under the GDPR
In the second of our series on the General Data Protection Regulation (GDPR) and what it means for employers and HR teams, we focus on how to manage employee data in line with the GDPR and how this will affect employers.
Part 1: Overview of the new rules
Notwithstanding Brexit, the new General Data Protection Regulation (GDPR) will be implemented in the UK and will bring about the greatest ever reform of our current laws on data protection as of 25 May 2018.
In the first of our series of blogs on the GDPR and preparing for change, we take a look at how your business will be obliged to comply with these upcoming changes; and with personal information playing a key role in any business, the task ahead, whilst manageable, will have to be planned for, resourced and implemented.
As featured in Third Force News
As featured in The Scotsman
The European Commission has proposed a new e-Privacy Regulation that will replace the current directive and overhaul the rules in relation to privacy and electronic communications.
On the 10th March 2017, the Italian Data Protection Authority – The Garante – fined five companies in excess of 11 million euros for unlawful processing of personal data. This decision from the Italian Data Protection Authority demonstrates a willingness from at least one EU data protection agency to levy fines that appear consistent with the GDPR, although not yet in force. This decision hints at a tougher approach by EU data protection bodies under the GDPR for breach of consent, a topic we have been talking a lot about in recent times! (Please click on the following links to view: Getting it right under the new rules; Part 1: What is consent? Part 2: What does this mean for your business; Part 3: Do we always need consent?; Part 4: Recording and Managing Consent).