As you should know, the EU General Data Protection Regulation (GDPR) comes into force one year from today, on 25th May 2018. As we will still be in the EU then, whatever kind of Brexit we are in for, you only have 12 months to make sure that all your systems support compliance. If you need any incentive to start taking this seriously, you only have to consider that the maximum fine for breach of data protection regulations is increasing from £500,000 to €10 million or 2% of global gross revenue (whichever is higher) – that’s just for a level 1 breach, with double these amounts for a level 2 breach!
To help you on your journey to GDPR compliance, we will be publishing a series of posts about aspects of GDPR over the next few weeks. Initially, we will cover:
- What is changing from the current Data Protection Act
- Key definitions
- When you need consent (explicit or otherwise)
- The differing obligations of Data Controllers and Data Processors
- Data Subject rights.
After that, we will look at how matchIT Data Quality Solutions can help you be compliant and avoid breaches of the new law – especially how a genuine Single Customer View helps to keep data accurate and up to date and ensures that you can respond to Subject Access Requests promptly, fully and efficiently.
The implications of GDPR are far-reaching, and HMG guidance is still being developed by the Department for Culture, Media and Sport, in consultation with industry bodies such as TechUK. Some companies may find that, with only one year to go, they may not be able to become completely compliant by then – in which case, it is vital to mitigate potential costs of non-compliance by demonstrating effective progress, with a realistic timetable for full compliance. Look out for our next few posts to help you navigate towards that goal!