Legal Experts Urge Businesses To Comply With New Data Protection Laws or Face Fines
Legal experts at Irwin Mitchell are urging firms to comply to the incoming General Data Protection Regulation (GDPR) after a study showed that nearly a quarter of UK businesses have abandoned their compliance plans because of Brexit.
A survey of British businesses by Crown Records Management concluded that almost half (44%) of UK businesses do not believe GDPR will apply to UK companies once the UK formally exits the EU.
The Government have already confirmed that GDPR will be preserved by the Great Repeal Bill.
Last week the Information Commissioners Office revealed that nearly half of all companies are struggling to comply with existing data protection laws, let alone the GDPR reforms which businesses must comply with by 25th May 2018.
Some of the key changes to be introduced by the GDPR include:
- Compulsory notification of data breaches;
- Obligations to be more transparent in how you use personal data;
- Increased rights given to individuals to access the data you hold on them;
- The Right to be Forgotten.
Non-compliance can lead to potential fines of up to €20 million or 4% of annual worldwide turnover, whichever is bigger.
Joanne Bone is a Partner at law firm Irwin Mitchell specialising in helping businesses identify gaps in their compliance and coming up with tailor made solutions to help them avoid fines but also maximise the potential that GDPR offers.
In a recent survey the firm found that clients ranked data protection and GDPR compliance as top of their list of concerns ahead of Brexit, despite the worryingly small amount of firms preparing to comply.
The Government has already indicated they will stick to the reforms after Britain leaves the EU. The clock is ticking and these figures are highly concerning as businesses who think that Brexit will mean the new rules don’t apply to them are mistaken.
Clients have told us their worries about the amount of work that becoming GDPR compliant will involve and we’ve told them that starting early is key. GDPR compliance is a marathon and not a sprint and dealing with it sooner rather than later will mean that businesses can put in place a more manageable timetable. We have also highlighted the benefits that compliance can offer.
It is hard to think of a business today that does not use personal data. Whether you have employee data, customer data or supplier data – if the data relates to an individual you will be caught by the new data protection laws. Even data relating to sole traders and partnerships will be caught.
Taking a proactive approach to preparing for GDPR compliance will potentially reap benefits. Good data governance can build customer trust. The right permissions can also help you take advantage of Big Data and make your data work for your business.
Joanne Bone - Partner