What is GDPR and does it impact all businesses?

​The General Data Protection Regulation (GDPR) will come into force in May 2018. It is a new legislation proposed by the European Commission that aims to strengthen and unify data protection for individuals within the European Union (EU), whilst also addressing the use and dissemination of personal data outside the EU.
 
If you have not heard of GDPR, or are unsure about what this means for your company, start with reading 12 ways to get ready for GDPR, prepared by the Information Commissioner’s Office.
 
The two main objectives of GDPR are to:
1) give individuals back control of their personal data
2) simplify the regulatory environment for international business by unifying the regulation within the EU

Whilst GDPR is intended for every business that collects and stores data, GDPR recognises that smaller businesses need to be treated differently to large or public enterprises. Article 30 of the regulation declares that organisations with fewer than 250 employees will be given some leeway -  although the regulation is not explicit in describing what the leeway exactly is. 
 
The key changes of GDPR from the Data Protection Act 1998 fall under the following areas:

• Penalties
• Consent
• Breach Notification
• Right to Access
• Right to be Forgotten
• Data Portability
• Privacy by Design
• Data Protection Officers

 
To understand the details behind each of these points, take a look at the EU GDPR website.
 
These new regulations should be taken seriously by all businesses, large and small; as the penalties for not being compliant are high. In addition, individuals will be able to seek compensation from businesses that abuse their data.
 
How will this change when Brexit comes into force?
Although the UK has voted to leave the EU, UK business will still have to comply with new regulations if the data they handle is about EU citizens, or has the potential to identify individuals within the EU. GDPR will replace the UK 1988 Data Protection Act (DPA), even post Brexit.
 
Perfect Layout hopes that this article has helped you to understand some basics about GDPR and has signposted you to some useful resources.
 
We aim to help all future clients understand the importance of GDPR, especially when it comes to collecting data via their websites. If you have any question, give us a call on 01708 578 015.