GDPR – What is it and does it affect me?

The Data Protection Bill was published in Parliament last week (14.09.17) by Digital Minister Matt Hancock. It fully incorporates the EU’s GDPR and when the Bill is passed into law it will become the Data Protection Act 2018. The new Act will affect almost every business – are you prepared? If not, read our latest blog…

General Data Protection Regulation

We live in a digital age, where we regularly share our details online. Even the most vigilant individuals will have a social media profile, or at the very least, have revelled in the world of online shopping. Naturally, during these transactions, we trust companies with safely storing and disposing of the most sensitive of data, such as our addresses and card details, but data breaches are on the rise and leading industry bodies are keen to implement new laws that will help prevent such issues occurring. As a result, next year, the European Union will be introducing new regulations to help protect customers and their details. It may not come into force until May 2018, but the industry is already beginning to talk about the European Union’s General Data Protection Regulation (GDPR). The term GDPR has been floating around for a number of months now, and for those who are unsure of what it means, we’re here to break it down.

So what is the GDPR?

As the existing regulation (the UK Data Protection Act) was developed years before the advancement of technology, the GDPR aims to fill the legal gaps by addressing the current issues at hand, such as data sharing and theft. The new rules will combat these issues by covering the following areas: proving that consent to keep the data was given; showing where the data is being used and how the company is protecting it (for example, a secure off-site storage facility); and, when the time is right, disposing of the data correctly. The GDPR affects all businesses and will change the ways in which they are legally able to handle customers’ personal data. Organisations that fail to comply will incur significant fines; experts are predicting that the EU will total up over €20 million worth of fines once the GDPR is set in motion.

But what does this mean for the UK, which is set to leave the European Union?

The new GDPR regulation is set for introduction on the 25th May 2018 and will be called The Data Protection Act 2018; at this point, the UK is likely to still be in the EU, and organisations need to be able to prove they have the right consent to hold data and prove they have disposed of it correctly (shredding). The UK is not expected to leave the EU until March 2019, meaning that the regulations will be applicable to UK citizens, and it is expected that the UK will look to enforce a similar regulation on exiting the EU.

Here at Topwood, we understand just how important it is to protect data. With the recent developments in online hacking and the increase in data breaches, we are hopeful that the new regulations will reduce these incidents. Remember though, old data still needs to be disposed of correctly to retain data protection, so make sure you contact us to help securely destroy old records. We have the ability to safely and securely destroy paper files and records as well as dispose of computer hard drives and media. All data destruction can happen on-site and most importantly, organisations are provided with evidence that the data has been effectively destroyed through a certificate of destruction and CCTV footage.

Get in touch with us today to organise your data disposal: Contact Us