The UK’s Data protection rules are set to dramatically change with the introduction of the EU’s General Data Protection Regulation (GDPR) which comes into force from today’s date. The new regulations involve significant changes on how organisations collect and process data. The new restrictions being brought mean that there are now greater penalties for failing to meet data protection regulations. The introduction of GDPR has a serious impact on employers in terms of how personal data is processed and stored for not just employees but also for contractors and job applicants.
- Complying with the GDPR is not a choice – it is mandatory.
- The new regulations affect all businesses that process personal data and they will require to comply with the GDPR as they process such information about their employees, customers, clients and suppliers.
- The GDPR directly regulates “data processors” for the first time. “Data controllers” will continue to be regulated.
- Organisations require to tell individuals more about why they are using their information and how they are using it – as well as what rights individuals have in respect of the data held.
- There will be potential fines imposed for non-compliance of up to 20 million euros or 4% of annual worldwide revenues, whichever is greater.
Here at Drummond Laurie we have taken a pro-active approach to these changes to ensure our compliance with the regulations. Details of our GDPR Privacy Statement can be found here.