Subjects
Annual Updates Subcategories
Anti-Bribery & Compliance
Anti-Trust & Competition
Data Protection & Privacy Subcategories
Employment Law
Employment Status Subcategories
Equality, Diversity and Equal Rights Subcategories
Industrial & Workplace Relations Subcategories
International Mobility Subcategories
Protection of Business Interests Subcategories
Recruitment, Termination of Employment Subcategories
Remuneration Subcategories
Working Hours & Pay Subcategories
Workplace Culture Subcategories
Jurisdictions
Americas Subcategories
APAC Subcategories
Cross Border
EMEA Subcategories

General data protection compliance

By - - Data Protection, Privacy

The UK government has confirmed that the UK will be implementing the EU’s General Data Protection Regulation (GDPR) which comes into force from May 2018 when the UK will still be a member of the EU. Once the UK has left the EU it may look again in due time at whether to make UK specific adjustments. Click here for a GDPR overview.

This announcement follows the recent issue by the UK Information Commissioner’s Office (ICO) of a new code of practice, called ‘Privacy notices, transparency and control’ (the Code). The Code provides information to help data controllers meet the transparency requirements under the Data Protection Act 1998 (DPA) and the GDPR. The ICO has said that if you follow the Code’s guidance you are “well placed to comply with the GDPR regime.”

The Code covers all businesses processing personal data, and it includes advice and best practice examples on:

  • obtaining consent
  • what to put in the privacy notice, including how it should be written (a privacy notice checklist is available)
  • how to communicate privacy information to individuals
  • producing privacy notices for mobile devices
  • when to communicate privacy information
  • testing and implementing privacy notices
  • ensuring privacy notices are GDPR compliant

Currently, DPA breaches can result in fines of up to £500,000. Under the new GDPR regime however, fines of up to €20m or 4% of the company’s total worldwide annual turnover may be imposed.

It is therefore crucial that EU based businesses (and the UK) become familiar with the Code and make appropriate revisions to their privacy notices and procedures.

Further ICO guidance is expected in the run up to GDPR implementation in 2018.

Tags:
Scroll to Top