T: 01332 380691
Ashgates - Accountants and Business Advisors based in Derby
  • Who We are
    • Client Reviews
    • Charity work >
      • 40 Something Challenge
    • Careers
    • Our Values
  • The Team
  • What we do
    • Accountancy Services >
      • Accounts
      • Audit
      • Bookkeeping, VAT & Management Accounts
      • Business Start-up Advice
      • Business Plans & Cashflow Forecasting
      • Company Secretarial
      • Payroll
      • Tax
    • Corporate Finance
    • Financial Services
    • HR Services
    • IT Services
    • Financial Software >
      • Sage
      • Xero
    • Sports Professionals
  • News
  • Contact
  • Resources
    • COVID-19 Hub
  • Who We are
    • Client Reviews
    • Charity work >
      • 40 Something Challenge
    • Careers
    • Our Values
  • The Team
  • What we do
    • Accountancy Services >
      • Accounts
      • Audit
      • Bookkeeping, VAT & Management Accounts
      • Business Start-up Advice
      • Business Plans & Cashflow Forecasting
      • Company Secretarial
      • Payroll
      • Tax
    • Corporate Finance
    • Financial Services
    • HR Services
    • IT Services
    • Financial Software >
      • Sage
      • Xero
    • Sports Professionals
  • News
  • Contact
  • Resources
    • COVID-19 Hub

Get ready for the new data protection rules

5/9/2017

 
The government is to introduce new data protection rules under the General Data Protection Regulation (GDPR) which takes effect from 25 May 2018.
Under the GDPR businesses will have increased obligations to safeguard the personal information of individuals which is stored by the business. These rules apply to the information of customers, suppliers or employees. Generally for those who are currently caught by the Data Protection Act it is likely that you will have to comply with the GDPR.
GDPR will apply to data ‘controllers’ and ‘processors.’ Processing is about the more technical end of operations, like storing, retrieving and erasing data, whilst controlling data involves its manipulation in terms of interpretation, or decision making based on the data. The data processor processes personal data on behalf of a data controller. Obligations for processors are a new requirement under the GDPR.

The GDPR applies to personal data which is wider than under the Data Protection Act (DPA).
One key change to the current DPA rules is that those affected will have to show how they have complied with the rules. Proof of staff training and reviewing HR policies are examples of compliance.

Under GDPR, higher standards are set for consent. Consent means offering people genuine choice and control over how their data is used.

Overall, the aims of GDPR are to create a minimal data security risk environment, and to protect personal data to rigorous standards. For most organisations, this will entail time and energy getting up to speed with compliance procedures. Reviewing consent mechanisms already in place is likely to be a key priority. In practice, this means things like ensuring active opt-in, rather than offering pre-ticked opt-in boxes, which become invalid under the new rules.

Organisations will also have to think about existing DPA consents. The ICO’s advice is that:
‘You should review how you seek, record and manage consent and whether you need to make any changes. Refresh existing consents now if they don’t meet the GDPR standard.’

Where the current consents do not meet the new GDPR then action will be needed.

The fines for non compliance are severe at up to 20 million euros or 4% of total worldwide annual turnover (if higher).

The Information Commissioner’s Office (ICO) has published some very useful information and a 12 step planning guide to help organisations get ready ahead of the May 2018 deadline.
​
Internet links: ICO getting ready GDPR 12 steps.pdf

Comments are closed.

    Archives

    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    May 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016

    RSS Feed


​Services

Accounts
Audit
Bookkeeping
Business Start-up & Advice
Business Plans & Cashflow Forecasting
Company Secretarial
Corporate Finance
Financial Services
HR Services
IT Services
Management Accounts
Payroll
Sage
Sports Professional
Tax
​VAT
Xero


​Company

Who We Are
​What We Do
Client Reviews
Charity Work
Careers
Team Ashgates
Leave us a Review
​Terms of Use
Privacy Notice
​
Staying COVID-19 Secure in 2020
Cyber Essentials
Tweets by Ashgates

​Website build : Ashgates IT
​
© ASHGATES GROUP 2021. ​ALL RIGHTS RESERVED.
5 Prospect Place, Millennium Way, Pride Park, Derby, DE24 8HG