Blog Search

Archives

Getting ready for GDPR

The new General Data Protection Regulation (GDPR), which will replace the existing Data Protection Act (DPA), takes effect from 25 May 2018. UK organisations that process the personal data of EU residents need to ensure systems are in place by then to enable compliance with new requirements.

The GDPR is more extensive in scope and application than the current DPA. The Regulation extends the data rights of individuals, and requires organisations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organisational measures.

The GDPR introduces a number of key changes for organisations including:

– the definition of personal data is being widened, which in turn will bring more data in the regulated perimeter
– parental consent will be required for processing personal data of children under 16
– revised rules for obtaining valid consent
– mandatory appointment of a data protection officer (DPO) for certain companies
– mandatory data protection impact assessments
– new requirements for data breach notifications
– new restrictions on international data transfers
– new requirements for data portability

The government has confirmed that the UK’s decision to leave the EU will not affect the commencement of the GDPR. Enforcing GDPR in the UK will be the responsibility of the Information Commissioner’s Office (ICO).

The GDPR applies to ‘controllers’ and ‘processors’. The definitions are broadly the same as under the DPA – i.e. the controller says how and why personal data is processed and the processor acts on the controller’s behalf. Organisations that are currently subject to the DPA, are also likely to be subject to the GDPR.

Tough penalties can be imposed for non-compliance – organisations found in breach of the Regulation may be fined up to 4% of annual global turnover or 20m euros, whichever is the greater.

Further information on the GDPR, including details of the compliance requirements, can be found on the ICO website.

  • Latest news and testimonials

  • Latest News

    • September Q&A

      Q. I have two small businesses which are treated as a group for VAT purposes, so we only submit a single VAT return covering both …

      Read more
    • Making Tax Digital for Business: update

      In July, the Government confirmed that the Summer Finance Bill would be published in September, with the measures dropped from the pre-election Finance Bill being reintroduced …

      Read more
  • Testimonials

    • Partner – Solicitor

      I have worked with SBL over the last 10 years on numerous matters involving owner-managed business. They are professional, personable, knowledgeable and work incredibly hard to provide the best advice to their clients. I would have no hesitation in recommending SBL.

      Read more
    • Director – Networking Company

      SBL are a professional Accountancy Firm and are exceptionally up to date with all legislations.  SBL know their clients extremely well and what will work best for their business. SBL understands business and how business works and they deliver the very best considered professional advice.

      Read more
    • Director – Retail/Fashion Company

      SBL have provided auditing and other accounting services for our company for more than 10 years. They not only offered excellent support from a professional accountant company, but also delivered forward-thinking advice on how to improve our business.