General Data Protection Regulation
The General Data Protection Regulation (GDPR), which affects all organisations, came into force on 25 May 2018. It imposes significant new burdens on organisations across Europe, including a substantial amount of additional reporting requirements and increased fines and penalties (the greater of €20m or 4% global turnover). The UK Government recently announced that after Brexit the UK will continue to adopt a similar standard for data protection as set out in the GDPR.
Our dedicated team works with businesses and organisations to ensure they proactively manage the risks and opportunities presented by GDPR. Our practical advice covers a number of areas including:
- Raising awareness and training
- Data Audits
- Updating privacy processes and DPO appointments
- Customer and consent reviews
- Contract reviews
- Overseas data transfer mapping
- HR processes and contracts
- Data subject access requests and breach reporting
- Security reviews
- Data protection impact assessments
We have produced a number of sector specific guides and action plans to help our clients manage the transition to The GDPR.