The General Data Protection Regulation (GDPR) comes into force May 25, 2018. However, owing to the uncertainties surrounding Brexit many organisations have delayed assessing how they collect, process and use customer data. The feeling being that if the UK is no longer a member of the EU then data reform laws will not affect their business in the same way.
Earlier in October, the Government gave its first indication that GDPR will be implemented in the UK. Speaking at the Culture, Media and Sports Committee Secretary of State Karen Bradley MP said:
“We will be members of the EU in 2018 and therefore it would be expected and quite normal for us to opt into the GDPR and then look later at how best we might be able to help British business with data protection while maintaining high levels of protection for members of the public.”
With this confirmation, the message is clear: organisations need to take action now to understand and implement the new obligations they have when keeping customer data safe; the new levels of transparency needed when using data; and to demonstrate accountability for compliance to the GDPR.
What is GDPR and how will it affect me?
The GDPR has been created to strengthen the data protection rights for EU individuals and this new legislation will affect any European member state business offering goods or services, as well as any company that does any form of trade with customers within the EU. The reformed laws aim to provide more consistent, comprehensive protection of personal data rights.
That GDPR will give UK customers greater control of their personal data was welcomed by the Information Commissioner’s Office (ICO). Writing on the ICO blog, UK Information Officer Elizabeth Denham said:
“Citizens want the benefits of these digital services but they want privacy rights and strong protections too. Having sound, well-formulated and properly enforced data protection safeguards help mitigate risks and inspire public trust and confidence in how their information is handled by business, third sector organizations, the state and public service.”
To learn more, read General Data Protection: A practical guide for businesses.
This white paper has been created for Blue Sheep by specialist data protection consultancy Opt-4.