Published: 13/11/2018 By Lindsey Moore

Like most professional practices, at turpin barker armstrong we are having to get to grips with General Data Protection Regulations (“GDPR”), what it’s all about, how it impacts on the way we treat personal data and the potential consequences of not getting it right.
Data Protection legislation has been around for 20 years, so the need to safeguard the information held is nothing new. GDPR is the outcome of 4 years’ work by the EU to modernise and bring existing data legislation up to date. Before you get too excited at the mention of the EU, perhaps thinking that Brexit will get us out of it, it won’t! The government has already confirmed that post-Brexit the UK’s own law will mirror GDPR.
GDPR and the Data Protection Act 2018 have far-reaching effects and consequences, which apply to every business established in the EU and may apply to companies based outside of the EU that process the personal data of EU citizens.
So what happens if we don’t get it right? There are hefty fines for breaches of the legislation. Lesser incidents have a maximum fine of €10m or 2% of turnover and more serious breaches will incur fines of up to €20m or 4% of overall turnover (whichever is greater).
Insolvency could be a real risk for non-compliant businesses as a result of fines. Also, individuals could sue you if they suffer as a result of your data management.
You would therefore be wise to think carefully about how the legislation affects your business, adjust your procedures as necessary and ensure that you and all of your staff are fully aware of their responsibilities with regard to personal data.