I was recently told, after running through the offerings of Regency to a colleague on my client’s site, “Oh, you offer GDPR? Isn’t that just making shed loads of money like all the new computer consultancy companies did in 1999, leading up to the biggest fraud of the century, selling patches for the ‘didn’t happen’ Millennium Bug?”
To be honest, I was pretty shocked by that statement: one, given who it was said by, and two, the fact that, unlike the Millennium Bug, GDPR is known to be coming. It’s not ‘something that may happen’, it’s not ‘something made up’; it’s real, it’s happening and it’s happening soon.
GDPR, or to give it its full name, ‘General Data Protection Regulation’, comes into law on 25th May 2018. That’s ages away isn’t it, more than six months, almost ten months, you’ve got loads of time to be ready, haven’t you? To be ready for whatever it is? GDPR is a monumental shift in data protection, it’s off the Richter Scale. In fact, it’s so monumental, there are numerous countdown clocks on the internet, inexorably counting down the seconds, the minutes, the hours, the days until this becomes law. You can find one here (http://www.gdprcountdownclock.com/). Oh by the way, BREXIT isn’t going to mean we in the UK don’t have to comply, I’m pretty sure it’s in the ‘Great Repeal Bill’ which will transfer many laws into UK law when BREXIT happens.
This short article is not going to list everything that GDPR will oblige any, and every, organisation that holds personal data to comply with, but here are just a few bullet points on what GDPR means and the difference between it and the DPA.
- GDPR applies to the individuals holding the data (the controller and processor in DPA (Data Protection Act) terms).
- If you must comply with the DPA, then you will more than likely have to comply with GDPR.
- It applies solely to organisations operating in the EU (but as I said, BREXIT will not affect the UK’s compliance).
- GDPR applies to Personal Data (HR records, personal contact details etc.) together with ‘sensitive personal data’ such as medical records, genetic data etc.
- DPA only applies to the UK. GDPR applies to the EU and to any global company who hold data on EU citizens.
- DPA is enforced in the UK by the ICO (Information Commissioner’s Office). GDPR will be enforced by a supervisory agency here in the UK and in every country.
- Should you breach the DPA, fines can be as high as £500,000 or 1% of your annual turnover. Breach GDPR, then fines could be as high as €20,000,000 or 4% of annual turnover.
- Under the DPA, you don’t need a DPO (Data Protection Officer); for organisations with 250 plus staff, within the GDPR you do.
- You don’t need to report data breaches under the DPA; you most certainly do within GDPR.
- You don’t need to delete data under the DPA; you most certainly do in GDPR. Any person has the right within GDPR to request to be ‘forgotten’, to have all of their data removed, from everywhere.
- PIAs (Privacy Impact Assessments) are not mandatory under DPA, though the ICO has long recommended them; under GDPR, they are mandatory.
You can see that GDPR differs greatly from the DPA. There are far more mandated regulations and, primarily, it’s accountability that is absolutely key; businesses and organisations must be able to demonstrate that they are compliant with GDPR. There are some ways of showing that, mandated within GDPR, such as training, audits, internal HR reviews etc.
GDPR, the new Millennium Bug? I don’t think so. As somebody who was sent home for Christmas leave in 1999 with a pager (remember them?) and the instructions “if it hasn’t gone off by 0005 1st January 2000, then Happy New Year, you can have a drink”, I’m pretty certain the sun is going to rise on 25 May 2018.
However, I’m no expert on GDPR, but we do have somebody in Regency who is, our Data Protection Officer. If you are from an organisation who processes or holds personal data, however small your organisation is, and you would like a more comprehensive conversation with Regency’s DPO on the subject of GDPR and what it will mean for you, then call our office on 01242 225699 or email us at firstname.lastname@example.org.