As of May 25 2018, Europe's data protection rules will undergo their biggest changes in two decades. Since the current act was passed in 1998, the amount of digital information created, captured, and stored by companies has increased massively. The current Data Protection Act, which sets out how personal information can be used by companies, government and other organisations, is no longer able to effectively cover all the areas required. Therefore, the mutually agreed European General Data Protection Regulation (GDPR) will replace it changing how businesses and public-sector organisations can handle the information of customers.
What GDPR is and how it affects your company
GDPR is Europe's new framework for data protection laws. The legislation is designed to harmonise data privacy laws across Europe and give greater protection and rights to individuals. With the new regulations come large changes for the public, businesses and bodies that handle personal information. A two-year preparation period has been awarded to businesses and public bodies covered by the regulation to prepare for the changes.
If your company is currently subject to the current Data Protection Act, it will likely also be subject to GDPR. Individuals, organisations, and companies that are either 'controllers' or 'processors' of personal data will be covered by GDPR. The government says the law sets out a number of exemptions from GDPR, including added protections for journalists, scientific and historical researchers, and anti-doping agencies who handle people's personal information.
The differences between the new GDPR and the old data protection laws
In the full text of GDPR there are 99 articles that include regulations concerning people’s individual rights, accountability and governance as well as many other topics. These are outlined in more detail below.
Accountability and governance
- Increased internal awareness
- Specific details of Information You Hold
- Data Protection by Design
- Data Protection Impact Assessments
- Data Protection Officers
- Lawfulness of processing Personal Data
The new rights for individuals are:
- The right to be informed
- The right of access
- The right to rectification
- The right to be forgotten
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
Other key areas to consider
- Data Breach notifications
- Transfer of Data
- New level of fines
There will also be new regulations in accordance with equality and diversity.
Preparing your business to become compliant with the new GDPR
The law states that everyone should take “appropriate technical and organisational measures” in protecting data. This means that a twenty person small and medium enterprise doesn’t need to have the same measures in place as a multi-national company. If you can state that you are GDPR compliant you will have a huge market advantage over you competitors as clients will be confident that you are protecting their priceless data.
In order to prepare your business for the new GDPR, Nano Training Services are holding GDPR training for all Essex businesses, designed to help with "easier understanding" of the new legislation. Qualified Trainers from Nano, SHARP UK and Nicholls Law, who were the first law firm in Essex to be accredited GDPR Practitioners, have defined the GDPR regulation for you in an easy to understand learning workshop covering each area. The workshop will help businesses of any size to become compliant.
Nano Training Services are sponsored by INVEST Essex and have three upcoming workshops spread across November until January in Colchester, Chelmsford and Southend. To find out more and book your place onto one of these workshops see here.
About Nano Training Services
Nano Training services provides relaxing professional training workshops for businesses. They cover Essex with workshops in Colchester, Chelmsford, Southend, Brentwood and Harlow with fully qualified Assessor/Trainers to achieve understanding for the business and education sector. Nano Training Services work in partnership for GDPR with SHARP UK and Nicholls Law, giving all businesses large or small information and training, helping you to Work Safe.
Nano Training Services also run on-site workshops designed for your company.
To find out more about Nano Training Services see here.