Data protection overhaul to affect SMEs
Individuals will be able to legally ask businesses to delete certain personal data from next year under the proposals outlined in the new Data Protection Bill.
The Bill forms part of the EU’s General Data Protection Regulation, which comes into effect on 25 May 2018.
The legislation will come in regardless of the UK’s decision to leave the EU.
Some of the proposals for businesses outlined in the Bill include:
- accountability – making sure data controllers are more accountable for data processing with notification to the Information Commissioner’s Office within 72 hours of a data breach
- risk of data protection – businesses carrying out risk data processing need to prioritise personal privacy rights when handling personal data
- simplifying rules – rules will be associated to provide a clearer and fairer regime for data controllers and processors.
Dr Adam Marshall, director general of the British Chambers of Commerce, said:
“While consumers need assurance from business that any personal data held will not be misused, businesses need a helping hand from government as these changes come into effect, particularly those at the smaller end of the scale.
“This is a complex set of changes, so firms must be helped to get them right – and no small or medium-sized business working hard to adapt to the new regime should be hauled over the coals for unintentional mistakes in the early days.”
Contact us to discuss data protection for your business.